BTW I use perl -MNet::SSLeay -E 'say Net::SSLeay::SSLeay_version()'
OpenSSL 1.0.1e 11 Feb 2013
From: Markus Moeller
Sent: Monday, March 24, 2014 9:59 PM
To: radiator@open.com.au
Subject: [RADIATOR] CRLs not working with EAP TLS
Hi
I have setup EAP-TLS for wired 802.1x using CRLCheck, but I noticed that
despite having the certificate serial number in the CRL Radiator still accepts
the presented certificate ( I also can see Radiator re-read the CRL file) . I
was trying to verify that the serial numbers match using the
EAPTLS_CertificateVerifyHook function but can’t extract the certificate serial
number. I tried with my $ai = &Net::SSLeay::X509_get_serialNumber($x509);
which I read does not give the serial number but an ASN.1 encoded string. Does
anybody have a tool which converts it into a serial number which I can compare
to the CRL serial number ?
Does anybody has CRL working for EAP TLS ?
Thank you
Markus
--------------------------------------------------------------------------------
_______________________________________________
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
_______________________________________________
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
