Hello, I have been searching for documentation on activating a
certificate revocation list I just created with openssl. It is a crl.pem
signed by my ca cert. I just need freeradius to reference it so that the
one certificate I revoked gets denied on authentication.
Here is what I have so far in my eap.conf (I am running freeradius 2.1.3
on REHL)
crl_file = ${raddbdir}/certs/makecertificates/issued/crl.pem
check_crl = yes
CA_path = ${raddbdir}/certs/makecertificates/issued/
Are these lines correct? Are any lines I have up there unnecessary?
Also, do I need to have my CA certificate in the same directory as the
crl.pem file? It seems to hint towards that in the eap.conf file.
Thanks for any help
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html