Alan DeKok wrote:
David Mitchell wrote:
I now have 2.1.10 compiled and running. It seems to work fine. I did have to make one change to my configuration. I had been using CA_path to refer to the certificates which can authenticate clients for EAP-TLS authentication in 2.1.8. In 2.1.10, that doesn't seem to work. If I specify a single file via CA_file that works fine. I can manage either way I think since the file referenced in CA_file can contain multiple certificates. I did verify that I had run 'c_rehash' in my CA_path directory. I'm not sure why CA_path doesn't work since the OpenSSL docs indicate that they are largely interchangable. Is it an intentional change?
Nope. It's not an intentional change. I don't know why it would be different.
I did change OpenSSL versions as well so I can't say for sure that it has anything to do with FreeRadius. I'll try and poke around some and see if I can figure out what's going on. Thanks for confirming it wasn't meant to change. -David
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- ----------------------------------------------------------------- | David Mitchell (mitchell@ucar.edu) Network Engineer IV | | Tel: (303) 497-1845 National Center for | | FAX: (303) 497-1818 Atmospheric Research | -----------------------------------------------------------------