1.3 KiB
| c | SPDX-License-Identifier | Long | Arg | Protocols | Help | Added | Category | Multi | See-also | Example | ||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. | curl | ssl-sessions | <filename> | TLS | Load/save SSL session tickets from/to this file | 8.12.0 | tls | single |
|
|
--ssl-sessions
Use the given file to load SSL session tickets into curl's cache before starting any transfers. At the end of a successful curl run, the cached SSL sessions tickets are save to the file, replacing any previous content.
The file does not have to exist, but curl reports an error if it is unable to create it. Unused loaded tickets are saved again, unless they get replaced or purged from the cache for space reasons.
Using a session file allows --tls-earlydata to send the first request
in "0-RTT" mode, should an SSL session with the feature be found. Note that
a server may not support early data. Also note that early data does
not provide forward secrecy, e.g. is not as secure.
The SSL session tickets are stored as base64 encoded text, each ticket on its own line. The hostnames are cryptographically salted and hashed. While this prevents someone to easily see the hosts you contacted, they could still check if a specific hostname matches one of the values.