RADSEC validation/verification
Alan Buxey
a.l.m.buxey at lboro.ac.uk
Thu Jun 9 13:35:55 CEST 2011
hi,
I note that the certificate being used in RADSEC can be validated by the
certificate issuer - but this doesnt work if there are more than
1 certificate issuer, can RADSEC be validated by for example, an OID in the
certificate?
I've noted and tried the 'verify' section - which looks rather
funky and useful...but my openssl doesnt seem to have any of the useful
arguments (-policy) - 0.9.8e-fips-rhel5
I had:
client = "/usr/bin/openssl verify -policy .1.3.6.1.4.1.25178.3.1.2 %{TLS-Client-Cert-Filename}"
but no joy :-(
alan
More information about the Freeradius-Devel
mailing list