SSL client reuse_sessions not working?
Roger Lipscombe
roger@REDACTED
Thu Apr 2 11:18:25 CEST 2020
On Thu, 2 Apr 2020 at 10:07, Roger Lipscombe <roger@REDACTED> wrote:
> I'm investigating SSL session reuse, and I can't get my client to
> actually reuse sessions. I'm using the escript below.
I looked in the OTP source code; it only reuses client sessions if
verify is set to verify_peer.
Obviously, that causes problems in the "localhost" case, so I stubbed
that out with {verify_fun, {fun yolo/3, undefined}}.
At that point, it started reusing session IDs, but the
'session_resumption' value still came back negative. What's that
about? I was hoping to use that to assert that the session *had* been
reused.
More information about the erlang-questions
mailing list