EAP-TLS - CRL Checking - Expired?

Stephen Bowman stephenbb at gmail.com
Mon Nov 6 21:53:56 CET 2006


We're using FreeRadius as the EAP server in a wireless environment.  All
clients have smart cards, so as such we're using EAP-TLS.  My question is in
relation to CRL checking.  I currently download CRLs nightly, but over the
weekend it looks like perhaps the CRL download failed as nobody could
connect, and in the logs is a series of errors like:

Error: --> verify error:num=12:CRL has expired

What determines the expire time of a CRL?

I noticed that within the CRL there is a Next Update field.. is this what it
uses?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20061106/33f0576c/attachment.html>


More information about the Freeradius-Users mailing list