EAP-TLS CRL checking when multiple CAs used
Martin Čmelík
martin.cmelik at gmail.com
Mon Nov 14 10:43:11 CET 2011
Hi Alan,
I did, there is nothing about it.
Only this:
# Check the Certificate Revocation List
#
# 1) Copy CA certificates and CRLs to same directory.
# 2) Execute 'c_rehash <CA certs&CRLs Directory>'.
# 'c_rehash' is OpenSSL's command.
# 3) uncomment the line below.
# 5) Restart radiusd
# check_crl = yes
We have all CAs in ca.pem and CRL lists in separate file
crl1.pem+.der, crl2.pem+.der, ect...
Stefan,
that's what I did.
OK I will try to do same thing with previous configuration. Maybe that
I miss something.
Thank you
—
Martin Čmelík
2011/11/14 Alan DeKok <aland at deployingradius.com>:
> Martin Čmelík wrote:
>> Question is: When Freeradius receive user certificate how daemon find
>> correct CRL list in certs directory?
>
> Read raddb/eap.conf. This is documented.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list