Force update of TLS cache
Alan DeKok
aland at deployingradius.com
Mon Feb 29 16:22:53 CET 2016
On Feb 29, 2016, at 10:09 AM, Jonathan Gazeley <Jonathan.Gazeley at bristol.ac.uk> wrote:
> cache cache_tls_session {
> driver = "rlm_cache_rbtree"
> key = &TLS-Session-Id
Which is the *outer* TLS-Session-Id.
i.e. you can't use the module inside of the TLS tunnel, because the TLS-Session-Id doesn't exist. That's why the module is failing.
So... you've got to copy it:
server inner-tunnel {
    ...
    update request {
        TLS-Session-Id := &outer.request:TLS-Session-Id
    }
    ...
    cache_tls_session
}
> I don't think all of the lines in the update{} block are required - we were experimenting with what we could put into the cache.
Anything. They're just attributes.
Alan DeKok.