Helo Radiususers, I have just setup a radius server with a LDAP backend for user auth for our WLAN.
It auths pretty good with certs for client/server. I was wondering, to let Radius to check if cert has not expired. So I do next copy server.public.pem to /etc/ssl copy server.privatekey.pem to /etc/ssl copy cacert.pem to /etc/ssl copy ca.crl to /etc/ssl into /etc/ssl there are more files for other services. I run c_rehash /etc/ssl and put into .conf file at tls section this private_key_file = /etc/ssl/serverprivatekey.pem private_key_password = # server cert was make with -nodes option to not need crypt certificate_file = /etc/ssl/server.public.pem CA_file = /etc/ssl/cacert.pem CA_path = /etc/ssl check_crl = yes check_cert_cn = %{User-Name} It fails with a error message, that CRL could no be found, is there any more thing I coudl do? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html