Re: EAP-TLS: limiting client certs to a select group
This is a discussion on Re: EAP-TLS: limiting client certs to a select group within the FreeRADIUS Users forums, part of the Networking and Network Related category; On Wed, 16 Mar 2005 00:09:09 -0600, David Duchscher <kreios@gmail.com> wrote: > I am ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
03-16-2005
|
|||
|
|||
Re: EAP-TLS: limiting client certs to a select group
On Wed, 16 Mar 2005 00:09:09 -0600, David Duchscher <kreios@gmail.com> wrote:
> I am a little behind you at the moment so really hoping this helps you. > > Have you set CA_path in the configuration file to point somewhere else? > From the code, it looks like CA_path is set to default if you don't > set it in the configuration file. I haven't. I may have misunderstood the comments in the eap.conf file, but my take on it was that CA_path is used for crl checking. So the only time I had that variable set to something meaningful was when I also set check_crl = yes. And that caused all client certificate validation to die horribly. I'll definitely check it out tomorrow, though, and post here with the results. -- Jon Franklin jvfranklin@gmail.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html 
|
Linear Mode
