Not sending all trusted CA Certificates in EAP-TLS Server Hello
Daniel Finger
daniel.finger at ewetel.de
Wed Jan 4 16:10:57 CET 2012
Hi!
As far as I can see the Server does not send the full certificates, but only
announces the certificates the server knows. I did not read the RFC yet, but
I assume that this only informs the client which certificates can be
requested to verify the server certificate chain.
Am 04.01.2012 15:09, schrieb Alan DeKok:
>> Is it possible to change the behaviour that only the certs in the
>> certificate_file are used?
>
> Use CA_path instead of CA_file. That might help.
It does indeed help. Thanks!
--
Regards
Daniel Finger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4468 bytes
Desc: S/MIME Kryptografische Unterschrift
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120104/b0c80fce/attachment.bin>
More information about the Freeradius-Users
mailing list