On 27/05/2019 08:17, John Jiang wrote:
> I'm using OpenSSL 1.1.1
> I just use the below s_client command to test resumption.
> openssl s_client -CAfile CA.cer -tls1_2 -sess_in openssl.sess -connect
> Is there any option to take this tool to use only session id or session ticket
> for resumption?
The behaviour obviously partly depends on what the server supports. An OpenSSL
client will always use session id based resumption if possible and there is no
ticket sent from the server. If a ticket is provided it will use that instead,
unless you supply the "-no_ticket" option to s_client - which disables all
ticket support on the client.