3.0.14 TLS Session Cache
Alan DeKok
aland at deployingradius.com
Wed Jun 7 17:28:48 CEST 2017
On Jun 7, 2017, at 10:49 AM, Wussler, Doug <doug.wussler at fsu.edu> wrote:
>
> If I set the “name” and “persist_dir” parameters in the “cache” section of the “tls-config”
> in mods-enabled/eap, the TLS Session cache works as expected and users can perform a fast reconnect.
> But if I don’t care about the TLS cache persisting across a server reboot, am I supposed to be able
> to comment out the “persist_dir” parameter?
Not in 3.0.14. See the ChangeLog.
> If I don’t set the “persist_dir” parameter, I cannot
> get the TLS session cache to work.
Yes. See the comments in raddbs/mods-available/eap.
> If I don’t care about preserving this cache across a server
> reboot, I’m thinking it will be more efficient and less maintenance to use only an in-memory
> TLS cache. Is an in-memory-only TLS cache an option or is it a requirement that it get written
> to and read from disk?
It's now a requirement that it's written to disk.
Alan DeKok.
More information about the Freeradius-Users
mailing list