[
https://issues.apache.org/jira/browse/TS-3301?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Brian Geffon updated TS-3301:
-----------------------------
Attachment: traffic_line_rotation_6.diff
> TLS ticket rotation
> -------------------
>
> Key: TS-3301
> URL: https://issues.apache.org/jira/browse/TS-3301
> Project: Traffic Server
> Issue Type: Bug
> Components: Core, SSL
> Reporter: Brian Geffon
> Assignee: Brian Geffon
> Fix For: 5.3.0
>
> Attachments: traffic_line_rotation_6.diff
>
>
> We all know that it is bad security practice to use the same password/key all
> the time. This project tries to rotate TLS session ticket keys periodically.
> When an admin runs "traffic_line -x" after a new ticket key is put in the key
> file ssl_ticket.key, an event will be generated and ATS will reconfigure SSL.
> The keys are read in all at the same time and the first entry is the most
> recent key. A new key is assumed to be put at the beginning of ssl_ticket.key
> file and an old key is chopped off at the end from the file.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
