Can I use diffrent root CA certificates while dynamic loading certificate chains?
James Fan
polysorb at gmail.com
Wed Nov 8 08:42:03 UTC 2023
Hi, we have a case that, with multi-tenancy, there will be multiple CA
certificates in our FreeRadius server, so we need to load the certificate
chains dynamically. But when I use the statements below, I can't include
the CA certificates in the certificate files I set. The TLS-Session-Cert-File
looks like it is only for the server certificate and intermediate CA
certificates. Is there any chance of dynamic loading certificate chains
with root CA certificates? Thanks.
authenticate {
...
Auth-Type eap {
if ("%{unpack:&EAP-Message 4 byte}" == 1) {
update control {
TLS-Session-Cert-File := "${certdir}/realms/%{Realm}"
}
}
eap
}
...
}
More information about the Freeradius-Users
mailing list