EAP-TLS CRL checking when multiple CAs used
Martin Čmelík
martin.cmelik at gmail.com
Tue Nov 15 09:23:23 CET 2011
Hi all,
problem has been on my side. I miss to add another one CRL into certs directory.
Thank you for all your help!
Best regards,
—
Martin Čmelík
2011/11/14 Martin Čmelík <martin.cmelik at gmail.com>:
> Hi Alan,
>
> I did, there is nothing about it.
>
> Only this:
>
> # Check the Certificate Revocation List
> #
> # 1) Copy CA certificates and CRLs to same directory.
> # 2) Execute 'c_rehash <CA certs&CRLs Directory>'.
> # 'c_rehash' is OpenSSL's command.
> # 3) uncomment the line below.
> # 5) Restart radiusd
> # check_crl = yes
>
> We have all CAs in ca.pem and CRL lists in separate file
> crl1.pem+.der, crl2.pem+.der, ect...
>
> Stefan,
>
> that's what I did.
> OK I will try to do same thing with previous configuration. Maybe that
> I miss something.
>
> Thank you
>
>
> —
> Martin Čmelík
>
>
>
>
> 2011/11/14 Alan DeKok <aland at deployingradius.com>:
>> Martin Čmelík wrote:
>>> Question is: When Freeradius receive user certificate how daemon find
>>> correct CRL list in certs directory?
>>
>> Read raddb/eap.conf. This is documented.
>>
>> Alan DeKok.
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>
>
More information about the Freeradius-Users
mailing list