Check the subject and issuer in the EAP-TLS

Michal Prochazka michalp at ics.muni.cz
Fri May 12 15:00:04 CEST 2006


>   BTW, here is `CA_file' parameter in `tls' module, so CA certificate 
> know to us. And we can check this CA without any external script

I don't understand what are you meaning with this? This patch doesn't 
check the CA. The check script is run after the successuf TLS 
authentication.

-- 
Michal Prochazka // michalp at ics.muni.cz

Supercomputing Center Brno
Institute of Computer Science
Masaryk University
Botanicka 68a, 60200 Brno, CZ

CESNET z.s.p.o.
Zikova 4, 16200 Praha 6, CZ
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2920 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060512/e3bd77e1/attachment.bin>


More information about the Freeradius-Users mailing list