Fwd: Way to configure logging to emit SSL Certificate info with a failure message?

Andy Arp bubbaandy89 at gmail.com
Thu Mar 9 15:47:23 UTC 2023

Looking for ways to configure version 3.0.x to emit additional log data
when an SSL error occurs.  Specifically looking for ways to emit the SAN or
even the ID of the certificate being presented to make it easier to track
down badly configured clients without having to turn on debug mode.

Example of log message we're seeing as too generic currently:

Mon Mar  6 10:32:59 2023 : ERROR: (0)   ERROR: SSL says error 23 :
certificate revoked

More information about the Freeradius-Users mailing list