Hi. I configured Freeradius with eap/tls , everything is ok, the clients have access-accept but i have set in eap.conf "check_crl=no" and now i wanna use crl, then i changed "check_crl=yes" and write "CA_path= /bin/raddb/certs/" i create crl.pem and move it to /etc/raddb/certs/, next i used 'c_rechash /etc/raddb/certs/'. I think it was everything what i must do, but in radiusd -X show me some problem. rlm_eap: Handler failed in EAP/tls rlm_eap: Failed in EAP select modcall[authenticate]: module "eap" returns invalid for request 5 modcall: leaving group authenticate (returns invalid) for request 5 auth: Failed to validate the user. Delaying request 5 for 1 seconds Finished request 5
If i hash this 2 lines in eap.conf that means 'check_crl=yes' and 'CA_path= /bin/raddb/certs/' then freeradius works ok. where is problem with using crl? ---------------------------------------------------- Oto pierwsza męska para w historii łyżwiarstwa figurowego! Zobacz ostrą jazdę po bandzie w komedii OSTRZA CHWAŁY - w kinach od 20 lipca! http://klik.wp.pl/?adr=http%3A%2F%2Fadv.reklama.wp.pl%2Fas%2Fostrza_chwaly.html&sid=1221 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html