Windows Server 2022 does not support session tickets with TLS 1.2

dcol

5/1/24, 4:27 PM

I spent 3 days tracking this down. Apparently Windows Server 2022 does not support Session tickets using any TLS below 1.3. The handshake disconnects. This can be tested by changing the maximum TLS to 1.2 in Firefox - about:config - security.tls.version.max=3

The culprit is reg setting HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\EnableSslSessionTicket If this exists and set to a value of one. Then Session tickets is enabled. This is a great new feature except it only supports TLS 1.3 This issue greatly affected users with ActiveSync.

So the question is, Is there any way to support session tickets with TLS 1.2. Maybe this is a Microsoft oversight and will be fixed in a future update. This all ties into the lack of full support of Session Resumption.

371

0 + 2

ssl

Greg Askew

5/1/24, 5:08 PM

That is odd considering TLS Session Tickets have been supported by Microsoft Windows for 10 years. Long before TLS 1.3 was supported. You should reach out to your Microsoft rep or open a case with Microsoft support.

dcol

5/2/24, 6:42 PM

They may have been supported in the past, but with Windows Server 2022 the TLS handshake fails with TLS 1.2. Works with 1.3. Don't have an MS rep.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Windows Server 2022 does not support session tickets with TLS 1.2

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.