A Man in the Middle (MitM) computer receives a first session identifier from a client for a first communication session between the client and a server, and monitors Transport Layer Security (TLS) communication sessions between the client and the server, where the first session identifier is one of an unknown session identifier and an invalid session identifier. In response to receiving the first session identifier from the client, the MitM computer performs one of: requesting a second session identifier from the server for a second communication session if the first session identifier is an unknown session identifier; and transmitting, to the client, an instruction to flush a session cache in the client, where flushing the session cache in the client forces the client and the server to establish a full TLS handshake in order to obtain a session key if the first session identifier is an invalid session identifier.