I tried the same config with 2.1.11 but the same result. My config: eap.conf- default_eap_type = tls tls { certdir = ${confdir}/certs cadir = ${confdir}/certs private_key_password = whatever private_key_file = ${certdir}/server.pem CA_file = ${cadir}/ca.pem dh_file = ${certdir}/dh random_file = ${certdir}/random CA_path = ${cadir} check_cert_cn = %{User-Name} } user- DEFAULT Auth-Type := EAP site-enables/default- post-auth{ update reply { Reply-Message += "%{TLS-Cert-Serial}" Reply-Message += "%{TLS-Cert-Expiration}" Reply-Message += "%{TLS-Cert-Subject}" Reply-Message += "%{TLS-Cert-Issuer}" Reply-Message += "%{TLS-Cert-Common-Name}" Reply-Message += "%{TLS-Client-Cert-Serial}" Reply-Message += "%{TLS-Client-Cert-Expiration}" Reply-Message += "%{TLS-Client-Cert-Subject}" Reply-Message += "%{TLS-Client-Cert-Issuer}" Reply-Message += "%{TLS-Client-Cert-Common-Name}" } } Any idea what is going wrong? Regards, -Mrinal On Tue, Aug 9, 2011 at 3:12 PM, Alan DeKok <aland@deployingradius.com>wrote:
Mrinal K wrote:
Thank you for the reply. I have 2.1.10 which I believe does support it.
Well, the examples in raddb/sites-available/default work. I don't know what you're doing differently
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- -