[openssl-users] SSL session resumption from different TLS version

Prabhat Puroshottam Prabhat.Puroshottam at outlook.com
Fri Jul 29 15:15:23 UTC 2016

We are using session resumption with openssl, and to support that we are storing sessions in a file.

On the server side the allowed TLS version can be configured and server admin can change it. It can

be changed for example to allow only TLS 1.2. The problem is that if the client has SSL session

stored on the disk from a previous connection which has different TLS version than what server

expects as per the changed configuration, server drops the connection immediately.

My question is, is it possible for Openssl server to recover from such a scenario, by starting a full

handshake? Right now server drops the connection because of protocol mismatch.

Because if that is not the case the only other option left for us is to reconnect again if server rejects




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160729/539c7593/attachment-0001.html>

More information about the openssl-users mailing list