boneyard
Mar 10, 2013MVP
ssl::renegotiate changes SSL session ID and makes it impossible to resume?
when calling ssl::renegotiate (in v11.2 / 11.3) it seems that the SSL session ID changes (very slightly, gets +1 somewhere near 2/3s) and can't be used anymore by new resume requests that request in my opinion correctly the new SSL session ID. so the client is aware of a new session ID, but when using it in Client Hello is denied and gets a totally different one in Server Hello.
have others experienced this behaviour? is this documented somewhere?