...
The default is "0", which means we no longer attach the server sessions to the client by default. This is a change from previous versions of Apache Traffic Server, but it's a reasonable change since it changes what should be considered a broken behavior. Changing this configuration to "1" will not restore the old behavior, but will instead always attach the server sessions regardless of what proxy.config.http.server_max_connections is set to.
Jira: TS-2422
SSL new features and improvements
TLS 1.1 and 1.2 Configurations
There are two new options to turn off or on TLS 1.1 and TLS 1.2. By default TLS 1.2 is off (value of 0), for now, because of a problem with TLS 1.2 crashing in openssl 1.0.1, 1.0.1a, 1.0.1b, 1.0.1c, 1.0.1d, and 1.0.1e. There is an open issue with openssl http://rt.openssl.org/Ticket/Display.html?id=3200.
...
| Code Block |
|---|
CONFIG proxy.config.ssl.TLSv1_1 INT 1
CONFIG proxy.config.ssl.TLSv1_2 INT 0 |
Jira: TS-2335
RFC 5077 TLS Session tickets
For supporting RFC 5077 TLS Session tickets across a ATS cluster, all the machines need to have the same server ticket. This adds two new configurations to ssl_multicert.config:
- ssl_ticket_enabled=1|0
- ticket_key_name=FILENAME
Gentoo file layout
Runtimedir on Gentoo changed from /var/run to /run
...