<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>
<br>here is the output : <br><br><br><br> Evaluating ("%{TLS-Client-Cert-Subject}" =~xxxxxxxx//) -> TRUE<br>++? if ("%{TLS-Client-Cert-Subject}" =~ /\/xxxxxx\// ) -> TRUE<br>++- entering if ("%{TLS-Client-Cert-Subject}" =~ /\/O=xxxxxxxxxxxx\// ) {...}<br>+++? if ("%{TLS-Client-Cert-Subject}" =~ /\/OU=xxxxxxxxxxxx\// )<br> expand: %{TLS-Client-Cert-Subject} -> /xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx<br>? Evaluating ("%{TLS-Client-Cert-Subject}" =~ /\/xxxxxxxxxxxxxxx\//) -> TRUE<br>+++? if ("%{TLS-Client-Cert-Subject}" =~ /\/xxxxxxxxxxxxxxxxx\// ) -> TRUE<br>+++- entering if ("%{TLS-Client-Cert-Subject}" =~ /\/xxxxxxxxxxxxxxxxxx\// ) {...}<br>++++[noop] returns noop<br>+++- if ("%{TLS-Client-Cert-Subject}" =~ /\/xxxxxxxxxxxxxxxxxxx\// ) returns noop<br>+++ ... skipping else for request 21: Preceding "if" was taken<br>++- if ("%{TLS-Client-Cert-Subject}" =~ /\/xxxxxxxxxxxxxxxxxxxxxx\// ) returns noop<br>Login OK: [xxxxxxxxxxxxxxxxxx] (from client xxxxxxxxxxx<br><br><br>I understand that eap returns ok so user is authenticated.<br>It's not what i want to do. <br>i want client certificate to be authenticated by :<br>- be in users files<br>- have the "right" certificate<br><div><div id="SkyDrivePlaceholder"></div><hr id="stopSpelling">From: A.L.M.Buxey@lboro.ac.uk<br>To: zoumlander@hotmail.com; freeradius-users@lists.freeradius.org<br>Subject: Re: [EAP/TLS] Authenfication through a certificate<br>Date: Fri, 8 Feb 2013 16:20:20 +0000<br><br>
As already said, post output of radiusd -X<br>
(that will clearly show the logic taken)<br>
<br>
alan<br>
<br>
<br></div> </div></body>
</html>