How to activate the certificate revocation list I created
Josh Hiner
josh at remc1.org
Mon Jun 8 14:46:04 CEST 2009
Just wondering if anyone out there is able to provide any feedback on
this? Sorry to bother. I just cant find any consistent documentation or
examples out there. I have the crl created, just need to know how to
implement the crl.pem correctly.
Thanks!
> Hello, I have been searching for documentation on activating a
> certificate revocation list I just created with openssl. It is a
> crl.pem signed by my ca cert. I just need freeradius to reference it
> so that the one certificate I revoked gets denied on authentication.
>
> Here is what I have so far in my eap.conf (I am running freeradius
> 2.1.3 on REHL)
>
> crl_file = ${raddbdir}/certs/makecertificates/issued/crl.pem
> check_crl = yes
> CA_path = ${raddbdir}/certs/makecertificates/issued/
>
> Are these lines correct? Are any lines I have up there unnecessary?
> Also, do I need to have my CA certificate in the same directory as the
> crl.pem file? It seems to hint towards that in the eap.conf file.
>
> Thanks for any help
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list