ssl-sessions.md (1454B)
1 --- 2 c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 3 SPDX-License-Identifier: curl 4 Long: ssl-sessions 5 Arg: <filename> 6 Protocols: TLS 7 Help: Load/save SSL session tickets from/to this file 8 Added: 8.12.0 9 Category: tls 10 Multi: single 11 See-also: 12 - tls-earlydata 13 Example: 14 - --ssl-sessions sessions.txt $URL 15 --- 16 17 # `--ssl-sessions` 18 19 Use the given file to load SSL session tickets into curl's cache before 20 starting any transfers. At the end of a successful curl run, the cached 21 SSL sessions tickets are saved to the file, replacing any previous content. 22 23 The file does not have to exist, but curl reports an error if it is 24 unable to create it. Unused loaded tickets are saved again, unless they 25 get replaced or purged from the cache for space reasons. 26 27 Using a session file allows `--tls-earlydata` to send the first request 28 in "0-RTT" mode, should an SSL session with the feature be found. Note that 29 a server may not support early data. Also note that early data does 30 not provide forward secrecy, e.g. is not as secure. 31 32 The SSL session tickets are stored as base64 encoded text, each ticket on 33 its own line. The hostnames are cryptographically salted and hashed. While 34 this prevents someone from easily seeing the hosts you contacted, they could 35 still check if a specific hostname matches one of the values. 36 37 This feature requires that the underlying libcurl was built with the 38 experimental SSL session import/export feature (SSLS-EXPORT) enabled.