Forum Discussion

MVP

Mar 10, 2013

ssl::renegotiate changes SSL session ID and makes it impossible to resume?

when calling ssl::renegotiate (in v11.2 / 11.3) it seems that the SSL session ID changes (very slightly, gets +1 somewhere near 2/3s) and can't be used anymore by new resume requests that request in ...

Employee

Mar 13, 2013

I haven't gotten my head completely around this one yet, but I'm leaning toward an issue/behavior of RFC 5077 "Transport Layer Security (TLS) Session Resumption without Server-Side State".

In the meantime, aside from avoiding the additional (complete) renegotiation, can you elaborate on what are you trying to achieve that this behavior is preventing?

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)