disable ssl_session_tickets

it's only recently added so is a config error otherwise

h5bp/directive-only/ssl.conf

@@ -13,6 +13,8 @@ ssl_prefer_server_ciphers  on;
 ssl_session_cache    shared:SSL:10m; # a 1mb cache can hold about 4000 sessions, so we can hold 40000 sessions
 ssl_session_timeout  10m;
 
+# Session tickets appeared in version 1.5.9
+#
 # nginx does not auto-rotate session ticket keys: only a HUP / restart will do so and
 # when a restart is performed the previous key is lost, which resets all previous
 # sessions. The fix for this is to setup a manual rotation mechanism:
@@ -20,7 +22,7 @@ ssl_session_timeout  10m;
 #
 # Note that you'll have to define and rotate the keys securely by yourself. In absence
 # of such infrastructure, consider turning off session tickets:
-ssl_session_tickets off;
+#ssl_session_tickets off;
 
 # Use a higher keepalive timeout to reduce the need for repeated handshakes
 keepalive_timeout 300; # up from 75 secs default