I have a question related to the ssl.log. As I am no expert of the SSL protocol, it is higly probable that I am missing something here.
I noticed in the ssl.log several cases where the field “established” is T, but there is no certificate found (no fuids) and the field validation_status in empty (-). In the code I saw that the field “established” is set to T if the event ssl_established is generated. Is it possible to establish an ssl session without certificates? Is it because some sessions can be resumed with tickets as described in RFC 5077?
I’d appreciate some help to save me some time…