We are using session resumption with openssl, and to support that we are storing sessions in a file. On the server side the allowed TLS version can be configured and server admin can change it. It can be changed for example to allow only TLS 1.2. The problem is that if the client has SSL session stored on the disk from a previous connection which has different TLS version than what server expects as per the changed configuration, server drops the connection immediately. My question is, is it possible for Openssl server to recover from such a scenario, by starting a full handshake? Right now server drops the connection because of protocol mismatch. Because if that is not the case the only other option left for us is to reconnect again if server rejects connection. Thanks, Prabhat -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160729/4c8a9afc/attachment.html>
