How to activate the certificate revocation list I created
Josh Hiner
josh at remc1.org
Fri Jun 5 23:01:42 CEST 2009
Hello, I have been searching for documentation on activating a
certificate revocation list I just created with openssl. It is a crl.pem
signed by my ca cert. I just need freeradius to reference it so that the
one certificate I revoked gets denied on authentication.
Here is what I have so far in my eap.conf (I am running freeradius 2.1.3
on REHL)
crl_file = ${raddbdir}/certs/makecertificates/issued/crl.pem
check_crl = yes
CA_path = ${raddbdir}/certs/makecertificates/issued/
Are these lines correct? Are any lines I have up there unnecessary?
Also, do I need to have my CA certificate in the same directory as the
crl.pem file? It seems to hint towards that in the eap.conf file.
Thanks for any help
More information about the Freeradius-Users
mailing list