[openssl-users] OpenSSL - Session Resumption on an On-going Connection

Viktor Dukhovni openssl-users at dukhovni.org
Wed Nov 21 23:12:27 UTC 2018

On Wed, Nov 21, 2018 at 05:45:19PM +0000, Filipe Fernandes wrote:

> I've followed your example, and it looks like the server is doing what it's
> supposed to, however, I'm getting a disconnect from the server when the
> session expires. Which should not happen, and I can't seem to find a reason
> for this to be happening.
> As previously said, I'm developing a server that handles always-on TLS
> connections, and I'm trying to perform a session resumption.

I thought you wanted renegotiation, not resumption, servers can't
do "resumption", because resumption is what you do to avoid a full
handshake on a *new* connection, and only the client can reconnect.

You seem to be confused, and have not explained your requirements
clearly.  What is your *goal*?

What does "always on" mean to you?  Only clients can resume previous
sessions, when reconnecting to a server.  Is that what you're trying
to do? (Implement a server with a session cache for client resumption?
Support session tickets? Is there just one server or a server "farm"?
Do the clients support resumption?)

Or are you trying to periodically rekey a long-running connection?

Or something else?


More information about the openssl-users mailing list