TLS/SSL Cache Automatic Purge
luky-37 at hotmail.com
Tue Apr 12 09:23:15 UTC 2016
> Just to be perfectly clear: does that mean that session tickets are
> supported for any version of nginx (including <v1.5.9), provided
> OpenSSL 0.9.8f is available?
> So the directive would be kind of 'intercepting' TLS commands, a man in
> the middle of client and OpenSSL?
No, the feature  sets SSL_OP_NO_TICKET , which instructs OpenSSL
to NOT use TLS tickets. By default, OpenSSL uses tickets.
> The only information for ssl_session_timout is “Specifies a time during
> which a client may reuse the session parameters stored in a cache.”
> It does not say anything about purging the TLS/SSL Cache which is my
> concern here.
I don't think the sessions are purged, its probably an LRU.
More information about the nginx