How to enable SSL session resumption

Hello,

I try to migrating from Nginx to Caddy (0.10), But I dont find how to enable Session resumption.

Thanks

Caddy supports session resumption. It uses tickets.

Caddy doesn’t support session resumption by caching, because if the server gets compromised, every client goes down with it. There’s no need for a server to store all that extra state:

To support session resumption via session IDs the server must maintain a cache that maps past session IDs to those sessions’ secret states. The cache itself is the main weak spot, stealing the cache contents allows to decrypt all sessions whose session IDs are contained in it.

Tickets work great. They’re all your clients need. And Caddy rotates these ticket keys every few hours by default unlike nginx, so Caddy’s config is even safer.

3 Likes

Hi Matt,

ok I understand. Thanks

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.