18 Jun
2015
18 Jun
'15
8:04 a.m.
On Jun 18, 2015, at 7:25 AM, Jüri Palis <jyri.palis@gmail.com> wrote:
But I had an impression that in-memory and persistent cache behave exactly the same way except persistent cache can survive daemon restarts. So what you are saying is that EAP-TLS session resumption works only when persistent disk caching is enabled?
No. My tests show that if you enable the "cache" sub-section of the EAP module, it does in-memory session caching. You MUST set attributes to cache. See raddb/mods-available/eap, and the "cache" sub-section. The TLS-* attributes are available ONLY when a client certificate is used, as with EAP-TLS. It works in all of my tests. Alan DeKok.