EAP-TLS CRL checking when multiple CAs used
martin.cmelik at gmail.com
Mon Nov 14 10:43:11 CET 2011
I did, there is nothing about it.
# Check the Certificate Revocation List
# 1) Copy CA certificates and CRLs to same directory.
# 2) Execute 'c_rehash <CA certs&CRLs Directory>'.
# 'c_rehash' is OpenSSL's command.
# 3) uncomment the line below.
# 5) Restart radiusd
# check_crl = yes
We have all CAs in ca.pem and CRL lists in separate file
crl1.pem+.der, crl2.pem+.der, ect...
that's what I did.
OK I will try to do same thing with previous configuration. Maybe that
I miss something.
2011/11/14 Alan DeKok <aland at deployingradius.com>:
> Martin Čmelík wrote:
>> Question is: When Freeradius receive user certificate how daemon find
>> correct CRL list in certs directory?
> Read raddb/eap.conf. This is documented.
> Alan DeKok.
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users