Re: EAP-TLS: limiting client certs to a select group
This is a discussion on Re: EAP-TLS: limiting client certs to a select group within the FreeRADIUS Users forums, part of the Networking and Network Related category; On Tue, 15 Mar 2005 18:59:02 -0500, Alan DeKok <aland@ox.org> wrote: > Jon Franklin &...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
03-16-2005
|
|||
|
|||
Re: EAP-TLS: limiting client certs to a select group
On Tue, 15 Mar 2005 18:59:02 -0500, Alan DeKok <aland@ox.org> wrote:
> Jon Franklin <jvfranklin@gmail.com> wrote: > > On a follow-up to this, I found that the certificate I was using > > (Thawte Freemail Member) was being validated against a set of root > > certs in /usr/share/ssl/certs/ca-bundle.crt (I'm using Fedora Core 3, > > btw). > > There's probably some global OpenSSL config somewhere.... Does anyone here use EAP-TLS? How are you limiting the client certificates that freeradius will allow through? I guess if I can have a whitelist of clients in an sql database (or something to that effect) that can be checked _after_ EAP-TLS does its thing, that would work... Would it? I can't be the first person to have stumbled over this problem, can I? -- Jon Franklin jvfranklin@gmail.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html 
|
Linear Mode
