Posted 2020-09-15 with tags Apache 2.4, Apache (httpd), linux, web servers, Debian, Debian 10, SSL, mod_ssl

The Apache 2.4 mod_ssl documentation carries the following warning alongside the SSLSessionTickets directive:

TLS session tickets are enabled by default. Using them without restarting the web server with an appropriate frequency (e.g. daily) compromises perfect forward secrecy.

The reason is that mod_ssl encrypts every ticket with a single key generated when the server starts, and that key is only replaced by a restart. A ticket is the session's master secret encrypted under that key, so anyone who records traffic and later obtains the key can decrypt the ticket, and with it the session in which it was issued and any session resumed from it. Until mod_ssl gains automatic ticket key rotation, turning session tickets off is the sensible choice. Just add:

SSLSessionTickets off

to the mod_ssl configuration, which on Debian 10 lives in /etc/apache2/mods-available/ssl.conf (/etc/apache2/mods-enabled/ssl.conf is a symlink to it). Put the directive in the global section, outside any <VirtualHost>, so every TLS vhost inherits it, then run apachectl configtest and systemctl reload apache2 so the running server picks it up.

With tickets disabled, clients that want to resume a session fall back to session IDs (tickets, by contrast, push most of the session state out to the client). Session IDs are cached server-side through mod_socache_shmcb in Debian's default ssl.conf (SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000) with SSLSessionCacheTimeout 300), so the master secret never leaves the server and ages out of the cache after five minutes instead of being recoverable for as long as the ticket key lives. One caveat: with the OpenSSL 1.1.1 that Debian 10 ships, SSLSessionTickets off (which sets SSL_OP_NO_TICKET) only stops tickets for TLS 1.2 and below. TLS 1.3 has no session IDs, so OpenSSL still sends a ticket there, but a "stateful" one that wraps a lookup key into the same server-side cache rather than the resumption secret itself.
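A client-side check for the two things described above, added here as an example and not part of the original post: that the server stops issuing TLS 1.2 session tickets, and that session-ID resumption through the server-side cache still works. It uses openssl s_client, which Debian ships. The host and port are whatever you pass on the command line; the sample outputs embedded in the script are constructed, trimmed excerpts of s_client output used to exercise the grep helpers, not real captures.

```shell
#!/bin/sh
# Added example, not from the original post: check from the client side that
# an Apache host no longer issues TLS 1.2 session tickets after
# "SSLSessionTickets off", and that session-ID resumption through the
# server-side cache still works. Assumes `openssl` (1.1.x or later) on PATH.
# HOST and PORT are whatever you pass in; the sample outputs below are
# constructed, trimmed excerpts of `openssl s_client` output, not captures.

# Exit 0 if s_client output on stdin shows the server sent a session ticket.
# With TLS 1.2, s_client prints "TLS session ticket lifetime hint:" and a
# "TLS session ticket:" hex dump only when a NewSessionTicket was received.
ticket_issued() {
    grep -q 'TLS session ticket'
}

# Exit 0 if s_client output on stdin shows the handshake resumed a session.
# s_client prints "Reused, TLSv1.2, Cipher is ..." for a resumed session and
# "New, TLSv1.2, ..." for a full handshake.
session_reused() {
    grep -q '^Reused,'
}

# Live check against HOST [PORT]: one full handshake that saves the session,
# then a second handshake that offers it back. TLS 1.2 is forced because with
# OpenSSL 1.1.1 a TLS 1.3 server still sends a (stateful) ticket even when
# SSLSessionTickets is off, so the ticket grep is only meaningful on 1.2.
check_server() {
    host=$1
    port=${2:-443}
    sess=$(mktemp)
    first=$(mktemp)
    second=$(mktemp)
    openssl s_client -connect "$host:$port" -servername "$host" -tls1_2 \
        -sess_out "$sess" </dev/null >"$first" 2>/dev/null
    openssl s_client -connect "$host:$port" -servername "$host" -tls1_2 \
        -sess_in "$sess" </dev/null >"$second" 2>/dev/null
    if ticket_issued <"$first"; then
        echo "$host:$port: session ticket issued (directive missing, or Apache not reloaded)"
    else
        echo "$host:$port: no session ticket issued"
    fi
    if session_reused <"$second"; then
        echo "$host:$port: session-ID resumption works (server-side cache in use)"
    else
        echo "$host:$port: session not resumed (check SSLSessionCache)"
    fi
    rm -f "$sess" "$first" "$second"
}

# Constructed sample: first handshake with tickets still enabled.
sample_tickets_on() {
cat <<'EOF'
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 0A0B0C0D0E0F10111213141516171819
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - 11 22 33 44 55 66 77 88-99 aa bb cc dd ee ff 00   ..3DUfw.........
EOF
}

# Constructed sample: first handshake after SSLSessionTickets off.
sample_tickets_off() {
cat <<'EOF'
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 0A0B0C0D0E0F10111213141516171819
    Session-ID-ctx:
EOF
}

# Constructed sample: second handshake offering the saved session ID.
sample_resumed() {
cat <<'EOF'
Reused, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
SSL-Session:
    Protocol  : TLSv1.2
    Session-ID: 0A0B0C0D0E0F10111213141516171819
EOF
}

# Usage: sh check_tickets.sh HOST [PORT]
if [ "$#" -ge 1 ]; then
    check_server "$@"
fi
```

Run it once before the reload and once after: the first run should report a ticket, the second should report none while still showing "session-ID resumption works". If the second run reports a ticket, the directive is in a file Apache is not reading, or sits inside a vhost that does not cover the host you probed.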

Here is a good SO post with a bit more info. Once mod_ssl ships ticket key rotation that does not depend on Apache being restarted every day, it will make sense to turn SSLSessionTickets back on, since tickets spare the server-side cache.