EAP-TLS with CRL Howto
I've recently setup EAP-TLS on Ubuntu 12.04 and managed to get CRL's to work, using the c_rehash - which appears to have caused lots of people trouble. [In fact, I couldn't find a single walk-through or functional outcome using the documented ways on either this list of the OpenSSL list - so it seems like a highly relevant need..] I was thinking of posting a walk-through to the list - and would be glad to add it to a Wiki page [and/or]. However, the irritation levels seem fairly high today, so I thought I'd ask before I toss it out there. I'd really like to keep both of my legs intact. :) So [tl;dr]: Is an EAP-TLS guide with a working CRL something appropriate for the list/wiki? If so, any suggestions before I do the final edits and complete the write-up? -Greg
Gregory Sloop wrote:
I've recently setup EAP-TLS on Ubuntu 12.04 and managed to get CRL's to work, using the c_rehash - which appears to have caused lots of people trouble. [In fact, I couldn't find a single walk-through or functional outcome using the documented ways on either this list of the OpenSSL list - so it seems like a highly relevant need..]
I suspect most people just don't do that.
I was thinking of posting a walk-through to the list - and would be glad to add it to a Wiki page [and/or].
Just add it to the Wiki, and post the link here.
So [tl;dr]: Is an EAP-TLS guide with a working CRL something appropriate for the list/wiki? If so, any suggestions before I do the final edits and complete the write-up?
The existing EAP-TLS guide works, but has screenshots for XP, which is bad. An updated one would be good. I'd say use the existing one as a template, and update the Wiki with new text. That would be very appreciated. Alan DeKok.
On 28 Feb 2014, at 15:51, Gregory Sloop <gregs@sloop.net> wrote:
I've recently setup EAP-TLS on Ubuntu 12.04 and managed to get CRL's to work, using the c_rehash - which appears to have caused lots of people trouble. [In fact, I couldn't find a single walk-through or functional outcome using the documented ways on either this list of the OpenSSL list - so it seems like a highly relevant need..]
I was thinking of posting a walk-through to the list - and would be glad to add it to a Wiki page [and/or].
However, the irritation levels seem fairly high today, so I thought I'd ask before I toss it out there. I'd really like to keep both of my legs intact. :)
So [tl;dr]: Is an EAP-TLS guide with a working CRL something appropriate for the list/wiki? If so, any suggestions before I do the final edits and complete the write-up?
Oh, were always nice to people who contribute. Yes, that would be useful, could you put it here: http://wiki.freeradius.org/guide/EAP-TLS-with-CRL reStructuredText is the preferred markup, but Markdown is OK too. Use the preview function to avoid too many spurious commits. Please note on the page whether the guide is for v2.x.x or 3.x.x. Thanks, -Arran Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS Development Team FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
participants (3)
-
Alan DeKok -
Arran Cudbard-Bell -
Gregory Sloop