Hi All,

I want to configure the CRL in  freeradius-1.1.1 version.

Followed the procedures given in the config file, but the result is not as expected.

The configuration in eap.conf are,

 1) Copy CA certificates and CRLs to same directory.
   I appended the crl into CA file

 2) Execute 'c_rehash <CA certs&CRLs Directory>'.
   Is it necessary? But i did this too

 3) Add 'CA_path=<CA certs&CRLs directory>'

 4) enable the crl check
    check_crl = yes
 
5) Restart radiusd

CRL says that the client certificate is revoked. But, the user is still able to get authenticated by the radius server.

Please let me know if i am missing any configuration.

Thanks for your kind help in advance.