EAP-TLS CRL checking when multiple CAs used
martin.cmelik at gmail.com
Tue Nov 15 09:23:23 CET 2011
problem has been on my side. I miss to add another one CRL into certs directory.
Thank you for all your help!
2011/11/14 Martin Čmelík <martin.cmelik at gmail.com>:
> Hi Alan,
> I did, there is nothing about it.
> Only this:
> # Check the Certificate Revocation List
> # 1) Copy CA certificates and CRLs to same directory.
> # 2) Execute 'c_rehash <CA certs&CRLs Directory>'.
> # 'c_rehash' is OpenSSL's command.
> # 3) uncomment the line below.
> # 5) Restart radiusd
> # check_crl = yes
> We have all CAs in ca.pem and CRL lists in separate file
> crl1.pem+.der, crl2.pem+.der, ect...
> that's what I did.
> OK I will try to do same thing with previous configuration. Maybe that
> I miss something.
> Thank you
> Martin Čmelík
> 2011/11/14 Alan DeKok <aland at deployingradius.com>:
>> Martin Čmelík wrote:
>>> Question is: When Freeradius receive user certificate how daemon find
>>> correct CRL list in certs directory?
>> Read raddb/eap.conf. This is documented.
>> Alan DeKok.
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users