[openssl-users] how is it possible to confirm that a TLS ticket was used?

Sam Roberts vieuxtech at gmail.com
Tue Feb 5 15:41:05 UTC 2019

On Mon, Feb 4, 2019 at 9:46 PM Viktor Dukhovni
<openssl-users at dukhovni.org> wrote:
> On Mon, Feb 04, 2019 at 03:54:48PM -0800, Sam Roberts wrote:
> However, because in TLS 1.3, session
> tickets are sent *after* the completion of the handshake, it is
> possible that the session handle you're saving is the one that does
> not yet have any associated tickets, because they've not yet been
> received.

I'm saving the session that is passed to the callback in
SSL_CTX_sess_set_new_cb() as described in

>     posttls-finger: smtp.dukhovni.org[]:25: Reusing old session

What API are you using to confirm that the ticket was used to resume
the session? SSL_session_reused?


More information about the openssl-users mailing list