Is TLS session resumption supported for Inbound Decryption with PFS ciphers in TLS1.2?
Created On 01/30/23 23:01 PM - Last Modified 10/04/23 21:03 PM
Question
Is TLS session resumption supported for Inbound Decryption with PFS ciphers?
Note: TLS session resumption is a feature that allows a client and a server to reuse the cryptographic parameters of a previous TLS session, without having to perform a full handshake again.
Environment
- Palo Alto Firewalls
- PAN-OS 9.1, 10.1, 10.2 and 11.0
- Inbound Decryption
- PFS (Perfect Forward Secrecy) ciphers in use
- TLS1.2
Answer
Session resumption will not work with TLS1.2 inbound decryption when PFS ciphers are in use.
Additional Information
Note: TLS session resumption is not the same as TLS secure renegotiation.