HI  Geoff, Willy

Great to see TLS onloader continue.

> Le 22 août 2019 à 16:33, Geoff Simmons <ge...@uplex.de> a écrit :
> 
> On 8/22/19 14:40, Willy Tarreau wrote:
>> 
>>> I would suggest naming it something like fc_authority or
>>> fc_pp_authority, to be specific about where it came from.
> 
> Since you used fc_pp_authority in an example further down, I'll take
> that as the choice (unless somebody yells). Seems better to me, since
> just "authority" could refer to a number of things.
> 

fc_pp_authority seems ok.
(fc_)authority could refer to ssl_fc_sni for ssl connection or host header for 
http connection.


About the TLS onloader configuration. If i understand the principle of servers 
set to 0.0.0.0 and stick table:
The server configuration will look like:
   server s0 0.0.0.0:0 ssl sni fc_pp_authority
   […]
For stick part, to correctly reused TLS connection, destination IP + authority 
should be used.

Regards
Manu


Reply via email to