EAP-TLS CRL checking when multiple CAs used

Martin Čmelík martin.cmelik at gmail.com
Mon Nov 14 10:31:04 CET 2011


maybe that I explain it wrong.

We have now 4 CAs and 4 CRL lists where checking against them working
fine. I must add two new CAs (into ca.pam as others), but Freeradius
cant compare User certificate against correct crl list (crl5.pam,

Question is: When Freeradius receive user certificate how daemon find
correct CRL list in certs directory?

Thank you

Martin Čmelík

2011/11/14 Alan DeKok <aland at deployingradius.com>:
> Martin Čmelík wrote:
>> nobody knows how setup freeradius to check new CRL lists?
>  FreeRADIUS uses OpenSSL for CRLs (and everything SSL).  OpenSSL does
> not support dynamically adding CRLs at run time.
>  See the "ocsp" support in 2.1.12.
>  Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list