ssl_session_timeout issues

Maxim Dounin mdounin at
Mon Mar 6 14:02:33 UTC 2017


On Sun, Mar 05, 2017 at 09:58:47PM -0500, Nomad Worker wrote:

> I read the code of ssl module, the directive ssl_session_timeout seems only
> used for ssl session cache, not for ssl session ticket.  
> the document describes the directive as 'Specifies a time during which a
> client may reuse the session parameters.' Is it not exactly?
> Is there any timeout for ssl session ticket ?

The documentation is correct here, and your reading of the code is 
wrong or you are reading a very outdated version of the code.  
SSL_CTX_set_timeout() is always called, so ssl_session_timeout 
applies to all forms of session resumption, that is, both session 
cache and session tickets.  See this commit for details:

Maxim Dounin

More information about the nginx mailing list