Re: Certificate Revocation List (EAP/TLS)

[Michael Griego]

There are no "crl_dir" and "crl" configuration options recognized by the 
server.  You must have added those.  The correct way to do this is to 
add the PEM encoded CRL to the end of your PEM encoded CA certificate, 
referenced by the CA_file configuation option, then set check_crl = yes.

--Mike
[EMAIL PROTECTED] wrote:
Have no one a solution of this problem?
thanks for help
Alain
 

Hi,
I work with freeradius 1.0.2
If I configure in the TLS section of eap.conf (without this entries the
autentification process works fine)
CA_path = /path
check_crl = yes
crl_dir = /path
crl = file
Not any certificate is accepted (I generate the certificates and the crl
with
tinyca).
How can I configure the eap.conf that the autentification process would work
correctly?
Does anyone have a working EAP/TLS autentification where the CRL works?
Thanks for help
Alain


   



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
 

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html