OCSP conditional use_nonce

Emile Swarts emile.swarts123 at gmail.com
Wed Apr 6 13:20:07 UTC 2022


We're checking certificates against an OCSP endpoint, which doesn't support

Everything works fine, and we've added this to the eap module configuration:
      use_nonce = no

The plan is to support multiple PKIs in the future and were wondering what
the most elegant way would be to support OCSP endpoints that support nonce
and ones that don't.

Is there a way to set this value at runtime based on request attributes?


More information about the Freeradius-Users mailing list