W dniu 23.02.2024 o 14:59, Alan DeKok pisze:
On Feb 23, 2024, at 8:47 AM, Marek Zarychta via Freeradius-Users<freeradius-users@lists.freeradius.org> wrote:
Is there any progress with session resumption / fast reauthentication cache for Microsoft supplicant utilizing TLS 1.3 or still the same choice: either session resumption or TLS 1.3 ? I believe that Microsoft has now updated their software to allow for session resumption with TLS 1.3.
FWIW, the issue seems to be solved. No more problems with fast reauthentication from Microsoft supplicants connecting over TLS 1.3 now. In the meantime I upgraded OS from FreeBSD 13.2-STABLE to FreeBSD 14.0-STABLE, thus OpenSSL changed from 1.1.1 to 3.0.13. Perhaps OpenSSL 1.1.1 was the real culprit of brokensession resumption for Windows users ? -- Marek Zarychta