[
https://issues.apache.org/jira/browse/TS-3742?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14618446#comment-14618446
]
Susan Hinrichs commented on TS-3742:
------------------------------------
Then your workaround for this issue until we can address it properly via
TS-3371 is to add the following line to make an explicit default
dest_ip=* ssl_cert_name=certx.pem ssl_ticket_enabled=0
certx.pem can be one of your existing cert files, or a new key pair. The
downside of this approach is that you will have a cert (probably bogus) for all
SSL connection attempts. That may not be worth cleaning up your ticket
advertising.
> ATS advertises TLS ticket extension even when disabled
> ------------------------------------------------------
>
> Key: TS-3742
> URL: https://issues.apache.org/jira/browse/TS-3742
> Project: Traffic Server
> Issue Type: Bug
> Components: SSL
> Reporter: Susan Hinrichs
> Assignee: Susan Hinrichs
>
> Noted by [~hreindl]. Even if you have ssl_ticket_enabled=0 on the relevant
> line in ssl_multicert.config, the Server Hello message will still contain the
> ticket tls extension.
> The problem is the code is blindly resetting the ticket callback on the
> context.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
