[openssl-users] how is it possible to confirm that a TLS ticket was used?

Viktor Dukhovni openssl-users at dukhovni.org
Tue Feb 5 16:33:50 UTC 2019

> On Feb 5, 2019, at 10:41 AM, Sam Roberts <vieuxtech at gmail.com> wrote:
>> However, because in TLS 1.3, session
>> tickets are sent *after* the completion of the handshake, it is
>> possible that the session handle you're saving is the one that does
>> not yet have any associated tickets, because they've not yet been
>> received.
> I'm saving the session that is passed to the callback in
> SSL_CTX_sess_set_new_cb() as described in
> https://wiki.openssl.org/index.php/TLS1.3#Sessions.

And then?  How are you restoring the saved session for re-use?

>>    posttls-finger: smtp.dukhovni.org[]:25: Reusing old session
> What API are you using to confirm that the ticket was used to resume
> the session? SSL_session_reused?



More information about the openssl-users mailing list