On Tue, 15 Mar 2005 18:59:02 -0500, Alan DeKok <[EMAIL PROTECTED]> wrote: > Jon Franklin <[EMAIL PROTECTED]> wrote: > > On a follow-up to this, I found that the certificate I was using > > (Thawte Freemail Member) was being validated against a set of root > > certs in /usr/share/ssl/certs/ca-bundle.crt (I'm using Fedora Core 3, > > btw). > > There's probably some global OpenSSL config somewhere....
Does anyone here use EAP-TLS? How are you limiting the client certificates that freeradius will allow through? I guess if I can have a whitelist of clients in an sql database (or something to that effect) that can be checked _after_ EAP-TLS does its thing, that would work... Would it? I can't be the first person to have stumbled over this problem, can I? -- Jon Franklin [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
