9 Jun
2011
9 Jun
'11
7:35 a.m.
hi, I note that the certificate being used in RADSEC can be validated by the certificate issuer - but this doesnt work if there are more than 1 certificate issuer, can RADSEC be validated by for example, an OID in the certificate? I've noted and tried the 'verify' section - which looks rather funky and useful...but my openssl doesnt seem to have any of the useful arguments (-policy) - 0.9.8e-fips-rhel5 I had: client = "/usr/bin/openssl verify -policy .1.3.6.1.4.1.25178.3.1.2 %{TLS-Client-Cert-Filename}" but no joy :-( alan