This is a discussion on Check_crl (Radius with LDAP/EAP-TLS) within the FreeRADIUS Users forums, part of the Networking and Network Related category.
Hello Radiususers,

I have just set up a radius server with an LDAP backend for user auth for our WLAN. It auths pretty well with certs for client/server. I was wondering how to let Radius check whether a cert has expired. So I did the following:

    copy server.public.pem to /etc/ssl
    copy server.privatekey.pem to /etc/ssl
    copy cacert.pem to /etc/ssl
    copy ca.crl to /etc/ssl

In /etc/ssl there are more files for other services. I ran c_rehash /etc/ssl and put this into the tls section of the .conf file:

    private_key_file = /etc/ssl/serverprivatekey.pem
    private_key_password = # server cert was made with -nodes option to not need crypt
    certificate_file = /etc/ssl/server.public.pem
    CA_file = /etc/ssl/cacert.pem
    CA_path = /etc/ssl
    check_crl = yes
    check_cert_cn = %{User-Name}

It fails with an error message that the CRL could not be found. Is there anything more I could do?
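A diagnostic for the setup described in the post, as an added example that is not part of the original post or of FreeRADIUS. OpenSSL finds CRLs in a hashed directory such as `CA_path` under the name `<issuer-hash>.r<n>`, and `c_rehash` only creates those links for PEM files; the function names below are hypothetical, and the paths in the usage comment are the ones from the post.

```shell
#!/bin/sh
# Added example: checks whether a CRL can be found by hash in a
# c_rehash-style directory. Function names are hypothetical.
# Usage (paths as given in the post):
#   check_crl_lookup /etc/ssl /etc/ssl/cacert.pem /etc/ssl/ca.crl

# Print the first <hash>.r<n> entry present in the directory, if any.
crl_link_for_hash() {
    dir=$1; hash=$2
    for n in 0 1 2 3 4 5 6 7 8 9; do
        f="$dir/$hash.r$n"
        # -e follows symlinks, so a dangling link counts as missing
        if [ -e "$f" ]; then printf '%s\n' "$f"; return 0; fi
    done
    return 1
}

# c_rehash only links PEM CRLs; a DER-encoded file is silently skipped.
is_pem_crl() {
    grep -q -e '-----BEGIN X509 CRL-----' "$1"
}

# Return codes: 0 ok, 2 CRL not PEM, 3 openssl could not parse input,
# 4 CRL issued by a different CA, 5 no hashed link in the directory.
check_crl_lookup() {
    ca_path=$1; ca_cert=$2; crl=$3
    if ! is_pem_crl "$crl"; then
        echo "CRL is not PEM; convert with: openssl crl -inform DER -in $crl -out $crl.pem"
        return 2
    fi
    ca_hash=$(openssl x509 -noout -subject_hash -in "$ca_cert") || return 3
    crl_hash=$(openssl crl -noout -hash -in "$crl") || return 3
    if [ "$ca_hash" != "$crl_hash" ]; then
        echo "CRL issuer hash $crl_hash does not match CA subject hash $ca_hash"
        return 4
    fi
    if ! link=$(crl_link_for_hash "$ca_path" "$crl_hash"); then
        echo "no $crl_hash.rN in $ca_path; re-run: c_rehash $ca_path"
        return 5
    fi
    echo "CRL reachable as $link"
}
```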