Hi there, So, I've tried to use OCSP validation with the certificates issued by eduPKI (so this covers the majority of eduroam national operators and some identity providers). Radiator didn't like it and kicked up failures.
I then tried manually verifying and that succeeds, using this command-line: openssl ocsp -issuer /etc/radiator/cert/roaming-eduPKI-CA.crt -cert /etc/radiator/cert/hostname-eduPKI.pem -CAfile /etc/radiator/cert/roaming-eduPKI-CA.crt -url http://ocsp.edupki.org/OCSP-Server/OCSP The URL is obviously retrieved from the certificate, but it appears there's something missing when Radiator tries to do an OCSP verify. Thoughts? With kind regards Stefan
_______________________________________________ radiator mailing list radiator@lists.open.com.au https://lists.open.com.au/mailman/listinfo/radiator
