Helo Radiususers,
I have just setup a radius server with a LDAP backend for user auth for our
WLAN.
It auths pretty good with certs for client/server.
I was wondering, to let Radius to check if cert has not expired. So I do next
copy server.public.pem to /etc/ssl
copy server.privatekey.pem to /etc/ssl
copy cacert.pem to /etc/ssl
copy ca.crl to /etc/ssl
into /etc/ssl there are more files for other services.
I run c_rehash /etc/ssl
and put into .conf file at tls section this
private_key_file = /etc/ssl/serverprivatekey.pem
private_key_password =
# server cert was make with -nodes option to not need crypt
certificate_file = /etc/ssl/server.public.pem
CA_file = /etc/ssl/cacert.pem
CA_path = /etc/ssl
check_crl = yes
check_cert_cn = %{User-Name}
It fails with a error message, that CRL could no be found, is there any more
thing I coudl do?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
