Hi Alan, I did, there is nothing about it. Only this: # Check the Certificate Revocation List # # 1) Copy CA certificates and CRLs to same directory. # 2) Execute 'c_rehash <CA certs&CRLs Directory>'. # 'c_rehash' is OpenSSL's command. # 3) uncomment the line below. # 5) Restart radiusd # check_crl = yes We have all CAs in ca.pem and CRL lists in separate file crl1.pem+.der, crl2.pem+.der, ect... Stefan, that's what I did. OK I will try to do same thing with previous configuration. Maybe that I miss something. Thank you — Martin Čmelík 2011/11/14 Alan DeKok <aland@deployingradius.com>:
Martin Čmelík wrote:
Question is: When Freeradius receive user certificate how daemon find correct CRL list in certs directory?
Read raddb/eap.conf. This is documented.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html