TLS configuration
Alan DeKok
aland at deployingradius.com
Thu Feb 9 16:42:31 CET 2012
Matthew Newton wrote:
> If the tls config HAS to be called common_tls, inside the eap
> module, then there's no need for the "tls=" entry any more - which
> could be another way of doing it, albeit slightly less flexible.
There may be use-cases where multiple virtual servers can share the
same TLS configuration. Permitting a layer of indirection doesn't cost
much, and is useful.
>> The HARD thing about this is now the TLS configuration will be loaded
>> multiple times. Once each for EAP-TLS, TTLS, and PEAP. Finding a way
>> to avoid that would be good.
>
> Agreed.
I have a simple way. :) Get me a patch as suggested, and fixing the
"loading certs twice" problem is another ~5 lines of code.
Alan DeKok.
More information about the Freeradius-Devel
mailing list