eap-tls and checking crl

Stefan Nowak stefek143 at wp.pl
Sat Jul 14 12:15:55 CEST 2007


Hi.

I configured Freeradius with eap/tls , everything is ok, the clients 
have access-accept but i have set in eap.conf "check_crl=no" and now i 
wanna use crl, then i changed "check_crl=yes" and write "CA_path= 
/bin/raddb/certs/" i create crl.pem and move it to /etc/raddb/certs/, 
next i used 'c_rechash /etc/raddb/certs/'. I think it was everything 
what i must do, but in radiusd -X show me some problem.
rlm_eap: Handler failed in EAP/tls
rlm_eap: Failed in EAP select
modcall[authenticate]: module "eap" returns invalid for request 5
modcall: leaving group authenticate (returns invalid) for request 5
auth: Failed to validate the user.
Delaying request 5 for 1 seconds
Finished request 5

If i hash this 2 lines in eap.conf that means 'check_crl=yes' and  
'CA_path= /bin/raddb/certs/' then freeradius works ok.
where is problem with using crl?

----------------------------------------------------
Oto pierwsza męska para w historii łyżwiarstwa
figurowego! Zobacz ostrą jazdę po bandzie w komedii
OSTRZA CHWAŁY - w kinach od 20 lipca!
http://klik.wp.pl/?adr=http%3A%2F%2Fadv.reklama.wp.pl%2Fas%2Fostrza_chwaly.html&sid=1221





More information about the Freeradius-Users mailing list