disable session id reuse

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

disable session id reuse

Mody, Darshan (Darshan)

Hi,

 

While doing a openssl s_time command I find that by default it tries for Session Id Reuse. “Now timing with session id reuse.”

 

In case if we don’t want openssl to reuse session id’s how can we configure openssl in the application for the same.

 

The application here is acting as a server.

 

I have set  SSL_CTX_set_session_cache_mode to SSL_SESS_CACHE_OFF

 

Thanks

Darshan


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: disable session id reuse

Devang Kubavat-2
Hi Darshan, 

In Addition, Make sure that you should disable the session ticket based session resumption using SSL_OP_NO_TICKET. 

By default SSL_OP_NO_TICKET is not disabled. 

Thanks
Devang
Sent from my iPhone

On 03-May-2018, at 2:12 PM, Mody, Darshan (Darshan) <[hidden email]> wrote:

Hi,

 

While doing a openssl s_time command I find that by default it tries for Session Id Reuse. “Now timing with session id reuse.”

 

In case if we don’t want openssl to reuse session id’s how can we configure openssl in the application for the same.

 

The application here is acting as a server.

 

I have set  SSL_CTX_set_session_cache_mode to SSL_SESS_CACHE_OFF

 

Thanks

Darshan

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: disable session id reuse

Mody, Darshan (Darshan)

Hi

 

We do set SSL_CTX_set_options(ctx, SSL_OP_NO_TICKET); while initializing Context

 

Thanks

Darshan

 

From: openssl-users [mailto:[hidden email]] On Behalf Of Devang Kubavat
Sent: Sunday, May 6, 2018 1:42 PM
To: [hidden email]
Subject: Re: [openssl-users] disable session id reuse

 

Hi Darshan, 

 

In Addition, Make sure that you should disable the session ticket based session resumption using SSL_OP_NO_TICKET. 

 

By default SSL_OP_NO_TICKET is not disabled. 

 

Thanks

Devang

Sent from my iPhone


On 03-May-2018, at 2:12 PM, Mody, Darshan (Darshan) <[hidden email]> wrote:

Hi,

 

While doing a openssl s_time command I find that by default it tries for Session Id Reuse. “Now timing with session id reuse.”

 

In case if we don’t want openssl to reuse session id’s how can we configure openssl in the application for the same.

 

The application here is acting as a server.

 

I have set  SSL_CTX_set_session_cache_mode to SSL_SESS_CACHE_OFF

 

Thanks

Darshan

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: disable session id reuse

Mody, Darshan (Darshan)

Hi All

 

Any suggestion on the problem?

 

Thanks

Darshan

 

From: openssl-users [mailto:[hidden email]] On Behalf Of Mody, Darshan (Darshan)
Sent: Sunday, May 6, 2018 7:28 PM
To: [hidden email]
Subject: Re: [openssl-users] disable session id reuse

 

Hi

 

We do set SSL_CTX_set_options(ctx, SSL_OP_NO_TICKET); while initializing Context

 

Thanks

Darshan

 

From: openssl-users [[hidden email]] On Behalf Of Devang Kubavat
Sent: Sunday, May 6, 2018 1:42 PM
To: [hidden email]
Subject: Re: [openssl-users] disable session id reuse

 

Hi Darshan, 

 

In Addition, Make sure that you should disable the session ticket based session resumption using SSL_OP_NO_TICKET. 

 

By default SSL_OP_NO_TICKET is not disabled. 

 

Thanks

Devang

Sent from my iPhone


On 03-May-2018, at 2:12 PM, Mody, Darshan (Darshan) <[hidden email]> wrote:

Hi,

 

While doing a openssl s_time command I find that by default it tries for Session Id Reuse. “Now timing with session id reuse.”

 

In case if we don’t want openssl to reuse session id’s how can we configure openssl in the application for the same.

 

The application here is acting as a server.

 

I have set  SSL_CTX_set_session_cache_mode to SSL_SESS_CACHE_OFF

 

Thanks

Darshan

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users