[openssl-users] Confused about client side session caching

Angus Robertson - Magenta Systems Ltd angus at magsys.co.uk
Thu Jun 7 18:48:00 UTC 2018

I'm reading the TLSv1.3 notes that suggest SSL_CTX_sess_set_get_cb is
called for both clients and servers, but am confused by the

The 1.1.1 manual page still starts 'provide callback functions for
server side external session caching' with no mention of clients.   

I'm updating code that supports 1.0.2 to 1.1.1 for external session
caching, for clients and servers, so particularly interested when
client session callbacks arrived.  

The TLSv1.3 notes suggest the callback worked for clients in 1.1.0, a
quick test suggests it actually gets called in 1.0.2 as well.  Is this

Has OpenSSL internal session caching improved over the years so that
external caching is no longer necessary?  


More information about the openssl-users mailing list