Pbroblem with CRL check

Hi all   I've installed and use freeradius 1.0.1 for EAP/TLS auntentication. It work well without CRL.  But each time I want to active check_crl = yes on eap.conf file , authentication fail with following message :   *** unable to get certificate CRL***   Someone can help me on following ques

Re: Pbroblem with CRL check

For the way the server works currently, you will need to append your CRL file to the end of your CA certificate. When FreeRADIUS reads in the CA certificate, it will get your CRL as well. You must generate your own CRL using the openssl commands. See "man crl" for more information. --Mike --

Re: Pbroblem with CRL check

1. Create a folder somewhere (doesn't matter where, as long as the radiusd process can read it).     # mkdir /my_ca 2. Copy your CA certs and your CRLs to .pem files into this directory.     # cp johns-cacert.pem /my_ca     # cp johns-crl.pem /my_ca     # cp jims-cacert.pem /my_ca     # cp ji

Re: Pbroblem with CRL check

Hi Dean   Thanks for your answer.   How should I create CRL file ?   Jacques VUVANT