SSL_SESSION_set1_ticket ?

Viktor Dukhovni openssl-users at
Tue Apr 2 16:03:58 UTC 2019

> On Apr 2, 2019, at 11:17 AM, Jeremy Harris <jgh at> wrote:
> If I understand right from rfc5077 the next record from the server after
> the server-hello should have been an empty session_ticket, if it was
> going to accept the resumed session.  But it goes on to a full handshake
> instead.
> Is there any way of finding out what it didn't like?

Does the server have a temporally stable ticket decryption key?
Is this Exim?  Is the server's SSL_CTX persistent and shared
across multiple connections?  IIRC Exim has a completely fresh
SSL stack initialized after fork for every client...


More information about the openssl-users mailing list