Sorry I was referring to the username, the CN in the certificate gets sent as the username. My problem is how to reject users with valid certificates, but no entry in the database?
Cheers, Ben On Tue, 2005-09-27 at 14:01 -0400, Alan DeKok wrote: > Ben Dowling <[EMAIL PROTECTED]> wrote: > > I still haven't figured this one out, and would really appreciate some > > help. I've tried playing around with the DEFAULT profile in the users > > file, giving it Auth-Type: Reject, but certificates with CN not in the > > database are still authenticated. How do I get freeradius to check for > > the username in mysql with EAP-TLS? > > I don't recall if you can get at the CN from the certificate. Maybe > try keying off of the User-Name? > > Alan DeKok. > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
