OpenSSL: SessionTicket TLS extension problem

Posted by rursw1 on Stack Overflow See other posts from Stack Overflow or by rursw1
Published on 2010-04-19T12:56:08Z Indexed on 2010/04/21 13:43 UTC
Read the original article Hit count: 268

Filed under:
|
|
|

Hello,

I'm using an application which uses OpenSSL for client TLS side. We upgrade the OpenSSL version from 0.9.8e to 0.9.8k. And then TLS doesn't work...

Wireshark shows that the new version (with OpenSSL 0.9.8k) sends the client hello packet with a SessionTicket extension - and the server side responds with a fatal internal error.

The previous version sends an almost identical hello packet, but without the SessionTicket ext.

When I replaced TLSv1_client_method with SSLv23_client_method, everything worked fine - the sent client hello packet was a SSLv2 one (In the sniffer) without any extension (as it wasn't TLS but SSL?)

Is there a better way to disable this extension or to solve the problem in another way?

Thanks in advance, rursw1

© Stack Overflow or respective owner

Related posts about openssl

Related posts about tls