How to log "TLS name" instead of username

Johannes Koepcke impic at impic.org
Mon Jul 4 12:53:08 CEST 2011


Hey,

I'm running a freeradius2 server with mysql. Some users are authenticating via mschapv2 and some through eap-tls.
My problem is that for eap-tls, the actual username field doesn't matter, user's could specify anything as the username, as long as their certificates are valid. So I would like to log the name of the certificate owner instead of the radius username to my radpostauth table. How would I do that? Or do you recommend another way to accomplish what I'm trying to do?

Thanks in advance,
Johannes.



More information about the Freeradius-Users mailing list