TLS questions

Alex Sharaz alex.sharaz at york.ac.uk
Tue Nov 19 11:54:05 CET 2019


ok Thanks 
Think I need to apply my site specific changes to  the 3.0.20 baseline config files
Rgds
Alex 
Sent from my iPhone

> On 19 Nov 2019, at 10:41, Matthew Newton <mcn at freeradius.org> wrote:
> 
> ´╗┐On Tue, 2019-11-19 at 10:25 +0000, Alex Sharaz via Freeradius-Users
> wrote:
>> 1). I'm looking to reject external incoming TLS auth . requests with
>> client certs containing a specific pattern in their CN.
>> 
>> Other than configuring check-eap-tls and linking it into
>> /etc/freeradius/sites-enabled, is there anything else I need to do ?
> 
> Enable virtual_server in mods-available/eap tls{} section to point to
> it.
> 
>> 2). I've just downloaded  3.0.20 and when firing up on my test server
>> I get  a message recommending that I set min_tls to 1.2 ..... fine
>> but where do I configure it?
> 
> Typo, thanks - fixed.
> 
> It's tls_min_version, in mods-available/eap.
> 
> -- 
> Matthew
> 
> 



More information about the Freeradius-Users mailing list