EAP-TLS issues

Alan DeKok aland at deployingradius.com
Thu Feb 8 02:02:21 CET 2007

Riccardo Veraldi wrote:
> Hello,
> I would like to authorize users based on their certificate.
> Actually is only possible to look at CN using freeradius.
> Is there any plan to support looking at the complete DN of
> the certificate  so that is possible to check for Locality
> field or other fileds inside hte certificate subject ?

  When someone sends a patch.

> Often hte CN is not a unique method, more than one
> user can have same CN if the locality is different.
> This happens in my situation for example.
> IS there a way to check against other fields of the certificate

  Yes.  Write code to do that.

  Alan DeKok.
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog

More information about the Freeradius-Users mailing list