On Apr 17, 2023, at 1:05 AM, Çağlar Karahan <karahancaglar94@gmail.com> wrote:
I am using the TLS-Client-Cert-Common-Name attribute to get client certificate common name value and use it in the authorize section. While it does read the issue attributes from CA that comes with it, it ignores the client attribute. How can I get the value of a client certificate?
If it doesn't show up in the debug output, then it's not in the certificate. Have you tried using the OpenSSL tools to look at the certificate? What's the common name there?
*Here is the debug output:*
<huge whitespace delete>
*Fri Apr 7 09:03:13 2023 : Debug: (5) EAP-Type = TLSFri Apr 7 09:03:13 2023 : Debug: (5) TLS-Client-Cert-Serial := "33ffb07c337ec3bc"Fri Apr 7 09:03:13 2023 : Debug: (5) TLS-Client-Cert-Expiration := "231109075300Z"Fri Apr 7 09:03:13 2023 : Debug: (5)
That isn't helpful. Alan DeKok.