Reject certificate in use
Alan DeKok
aland at deployingradius.com
Sun Nov 10 12:57:26 UTC 2024
On Nov 10, 2024, at 7:51 AM, Alexey D. Filimonov <alexey at filimonic.net> wrote:
> But how to store attributes to database? Is there any universal way to write some "logs" to database the way I want?
You can run SQL statements "in line" in the configuration files:
post-auth {
...
%{sql:INSERT into .... }
Then, just write an SQL statement.
> Ex, I want to write Calling Station ID and Certificate thumbprint to database in post-auth, and read it back in auth or pre-auth to check.
If you're enforcing that a Calling-Station-ID is tied to a certificate, then you don't want to write it out in post-auth. Or, you only write it out the *first* time you see a certificate, and then enforce it after that.
Alan DeKok.
More information about the Freeradius-Users
mailing list