Description
The current implementation requires the ATS to set the ssl_ticket_enabled=0 for every entry in ssl_multicert.config to turn off the ssl ticket session support.
It would be better to have a global switch. It seems highly unlikely that someone will want to deploy ssl tickets for some destinations but not others.
Would also be good to have a switch to disable ATS from offering session tickets when communicating with origin servers.
Attachments
Issue Links
- incorporates
-
TS-4263 Session tickets keys in ssl_multicert.config do not work with SNI discovered hosts
- Closed
- is related to
-
TS-3742 ATS advertises TLS ticket extension even when disabled
- Closed
-
TS-2773 Rewrite SSL certificate configuration
- Open
- relates to
-
TS-3528 Create a global for the ticket_key_name from ssl_multicert.config
- Open
- links to