TLS Check Cn Question
Alan DeKok
aland at deployingradius.com
Thu May 26 09:25:44 CEST 2011
David Mitchell wrote:
> currently I'm using the check_cert_cn option in my EAP-TLS setup. I think
> I may have the need to support two possible CN formats. Is there any
> way to do a conditional check?
Your message contains the answer to that question.
> I don't think the eap.conf file is
> unlang interpreted so I don't think I can include full regexp or if-then
> conditionals can I? Is there some other way to accomplish this? The
> docs mention possibly doing this by checking TLS-Client-Cert-CN but
> I'm not sure where exactly I would do that. Thanks in advance,
The CN is just a string. Check it like you would check any string.
Alan DeKok.
More information about the Freeradius-Users
mailing list