Disable-TlsSessionTicketKey - Powershell 4.0 CmdLet

ActiveXperts Network Monitor ships with integrated Powershell scripts to monitor complex network. The scripts run out of the box
Download the ActiveXperts Network Monitor FREE version now »

Disable-TlsSessionTicketKey

Short description
Disables a TLS session ticket key.

Syntax


Description
The Disable-TlsSessionTicketKey cmdlet disables an administrator managed Transport Layer Security (TLS) session ticket 
key for the service account. The cmdlet disables the key for the TLS session by deleting the key and the corresponding 
rule that uses the key.


When you disable a TLS session ticket key for the service account, the service account cannot decrypt existing TLS 
session tickets. Disabling the TLS session ticket key can affect the performance of the TLS server. The TLS server 
cannot create new session tickets and must negotiate session information between the client and the server every time 
the client connects to the TLS server.


TLS creates a session ticket by using the Transport Layer Security (TLS) Session Resumption without Server-Side State 
mechanism [RFC 5077]. This mechanism helps to improve the performance of TLS. The TLS server uses this mechanism to 
create a key to encrypt a session ticket. The client can later use the encrypted session ticket to resume 
communication with the TLS server. Otherwise, the client must restart the communication by acquiring a new session 
ticket. For more information, see RFC 5077, "Transport Layer Security (TLS) Session Resumption without Server-Side 
State."