HI Geoff, Willy
Great to see TLS onloader continue.
> Le 22 août 2019 à 16:33, Geoff Simmons <[email protected]> a écrit :
>
> On 8/22/19 14:40, Willy Tarreau wrote:
>>
>>> I would suggest naming it something like fc_authority or
>>> fc_pp_authority, to be specific about where it came from.
>
> Since you used fc_pp_authority in an example further down, I'll take
> that as the choice (unless somebody yells). Seems better to me, since
> just "authority" could refer to a number of things.
>
fc_pp_authority seems ok.
(fc_)authority could refer to ssl_fc_sni for ssl connection or host header for
http connection.
About the TLS onloader configuration. If i understand the principle of servers
set to 0.0.0.0 and stick table:
The server configuration will look like:
server s0 0.0.0.0:0 ssl sni fc_pp_authority
[…]
For stick part, to correctly reused TLS connection, destination IP + authority
should be used.
Regards
Manu
