We're using FreeRadius as the EAP server in a wireless environment. All clients have smart cards, so as such we're using EAP-TLS. My question is in relation to CRL checking. I currently download CRLs nightly, but over the weekend it looks like perhaps the CRL download failed as nobody could connect, and in the logs is a series of errors like:
Error: --> verify error:num=12:CRL has expired
What determines the expire time of a CRL?
I noticed that within the CRL there is a Next Update field.. is this what it uses?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
