Commit 96752cd5 authored by Jonathan Gazeley's avatar Jonathan Gazeley
Browse files

Revert "Also package cache_tls module while is required by the tls_cache server"

This reverts commit 02221f39.
parent 02221f39
cache cache_tls_session {
driver = "rlm_cache_rbtree"
# The key used to index the cache. It is dynamically expanded
# at run time.
key = &TLS-Session-Id
# The TTL of cache entries, in seconds. Entries older than this
# will be expired.
#
# This value should be between 10 and 86400.
ttl = 3600 # 60 mins
update {
&session-state:TLS-Session-Data := &session-state:TLS-Session-Data
#
# If you want to store authorization attributes too, consider
# performing LDAP/SQL lookups in the tls-cache virtual server
# and storing the results in &session-state:
#
# The complete list can then be restored along with the
# TLS-Session-Data using the entry below.
#
# Policies run in Post-Auth then have access to the same data
# irrespective of whether the session is being resumed.
#
# &session-state: += &session-state:
}
}
cache cache_ocsp {
driver = "rlm_cache_rbtree"
# The key used to index the cache. It is dynamically expanded
# at run time.
key = &session-state:TLS-Client-Cert-Serial
update {
&control:TLS-OCSP-Cert-Valid := &TLS-OCSP-Cert-Valid
}
}
......@@ -78,9 +78,6 @@ class freeradius (
freeradius::site { 'tls-cache':
source => 'puppet:///modules/freeradius/tls-cache',
}
freeradius::module { 'cache_tls':
source => 'puppet:///modules/freeradius/cache_tls',
}
# Set up concat policy file, as there is only one global policy
# We also add standard header and footer
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment