Read openssl manual about client revocation list.There is a field for CRL in tls section of eap.conf.
Ivan Kalik Kalik Informatika ISP Dana 18/8/2008, "Tomoki Taniguchi" <[EMAIL PROTECTED]> piše: >alan, > thank you for your help. I was wondering if this setup will allow me to >revoke individual "client" certificates on the server side (when the >laptop is stolen) without >affecting the other certificates (both "cleint" and "server" certificates). > >TIA, >Tomoki > >On Mon, Aug 18, 2008 at 2:38 PM, Alan DeKok <[EMAIL PROTECTED]> wrote: >> Tomoki Taniguchi wrote: >>> Is there a way to setup freeradius with EAP so that each wifi-client >>> has their own certificate to connect to the wifi network? >> >> This is EAP-TLS. See the EAP-TLS howto on the web site. >> >>> i want to be able to just disable a specific certificate if one one >>> the laptops is stolen or lost. >>> but the howtos i have come across so seem to be a setup where all >>> wifi-clients use the same certificate to authenticate against an >>> access point. >> >> Each client needs the same *server* certificate. This is to identify >> the server. They can have unique *client* certificates. >> >> Alan DeKok. >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> > > > >-- >Tomoki Taniguchi >SKYPE: taiyocable.com_taniguchi_tomoki >MSN: [EMAIL PROTECTED] >YAHOO: tomoki_taniguchi >AIM: tomoki taniguchi >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
