What you SHOULD do is consider the private key compromised and revoke the certificate. A patch was added a while back to incorporate CRL checking in the EAP-TLS module. This is really more of a PKI issue.
--Mike On Thu, 2003-10-16 at 08:54, arniel wrote: > hi guys, > > I am implementing Free Radius EAP-TLS on my network, all my wireless > clients are issued with a certificate. What I am trying to do is to block a > particular wireless client from accessing my network even if the certificate > is still valid or has not expired. This is in anticipation if the lap top > has been stolen. > > Is there something that I can do on my Free Radius Server in blocking the > wireless client w/o hampering other users who are using the wireless > network? > > I tried deleting the clients name at the raddb/users file, but to no avail. > I also tried deleting the clients certificate /etc/keys/client.p12 still to > no avail. > > > Thanks in advance... > > > arniel > > > > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- --Mike ----------------------------------- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
