[openssl-users] Possible to control session reuse from the client?

Viktor Dukhovni openssl-users at dukhovni.org
Thu Sep 29 22:00:21 UTC 2016

> On Sep 29, 2016, at 11:55 AM, Daniel Janzon <janzon at gmail.com> wrote:
> For performance testing purposes, I would like to turn off session reuse in the (homegrown) client I use for testing. Is there a function in the openssl library to do it?
> I tried googling for "openssl client don't send session id" but I didn't find anything useful.

Just do nothing.  Client sessions are not reused unless you explicitly
arrange for reuse of a session by calling SSL_set_session() before
SSL_connect().  If you're trying to avoid wasting memory on storing
client-side sessions that you'll never reuse then this may help:

   SSL_CTX_set_session_cache_mode(client_ctx, SSL_SESS_CACHE_OFF);

but note this is also the default state, so is also not needed unless
some other code has explicitly enabled client-side caching of sessions.

Only the server-side cache is enabled by default.


More information about the openssl-users mailing list