[openssl-users] SSL_CTX_set_timeout does not work properly

Viktor Dukhovni openssl-users at dukhovni.org
Wed Feb 1 22:11:31 UTC 2017

On Wed, Feb 01, 2017 at 11:26:30AM +0000, Devang Kubavat wrote:

> But when I set t=0 in SSL_CTX_set_timeout(ctx,0), I am getting different behavior.
> Session is resumed up to 7200 seconds. Wireshark log shows Ticket Lifetime Hint: 7200 seconds.

Instead of setting a zero-timeout, just disable session resumption:

    SSL_CTX_set_options(ctx, SSL_OP_NO_TICKET);
    SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);


More information about the openssl-users mailing list