The default TLS session ticket key used by OpenSSL uses AES128-CBC-SHA256; considering the security offered by newer ciphersuites, the TLS session ticket key algorithm should be updated/improved, at least to AES256-CBC-SHA256. See: https://github.com/openssl/openssl/issues/514 Cheers, TJ