v4: Can't see TLS certificate fields from `send Access-Accept` section anymore
Alan DeKok
aland at deployingradius.com
Thu Feb 18 01:46:59 CET 2021
On Feb 17, 2021, at 3:10 PM, Nick Bogdanov <nickrbogdanov at gmail.com> wrote:
> Hmm, still no luck enabling check-eap-tls. If I set `virtual_server =
> check-eap-tls` in mods-enabled/eap and then symlink
> sites-available/check-eap-tls to sites-enabled/, it aborts on startup:
> ..
> ...freeradius-server/pfx/etc/raddb/sites-enabled/check-eap-tls[31]:
> virtual server check-eap-tls MUST contain a 'namespace' option
OK. :( I think that example needs to be updated.
>
> If I add `namespace = check-eap-tls` at the top of the server {}
No, you may need to add `namespace = tls` IIRC. I'll have to double-check this.
Some of the code is still in flux unfortunately.
> section, radiusd gets to the end of the handshake and then rejects the
> request here:
> ...
> (8.0) eap.tls - ERROR: Failed to find pre-compiled unlang for
> section server check-eap-tls { ... }
Yes, without a correct `namespace`, the rules aren't compiled.
We're actually cleaning up this code and examples right now. It might be a bit before we're done.
Alan DeKok.
More information about the Freeradius-Users
mailing list