Skip to content

mark ssl_session_tickets off; as insecure from nginx 1.23.2 #22

New issue
New issue
Open
Open
mark ssl_session_tickets off; as insecure from nginx 1.23.2#22
@HLFH

Description

@HLFH
HLFH
opened on Dec 6, 2022

Nginx 1.23.2 appears to change how ssl_session_tickets is handled and as a result we should change to setting them as enabled.

ssl_session_tickets on;

https://nginx.org/en/CHANGES

TLS session tickets encryption keys are now automatically rotated when using shared memory in the "ssl_session_cache" directive.

See mozilla/server-side-tls#284 for details.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions