[RADIATOR] OCSP support

Heikki Vatiainen hvn at open.com.au
Wed Dec 12 07:30:06 CST 2012


On 12/07/2012 11:02 AM, Alexander Hartmaier wrote:

> does Radiator support OCSP?
> It might be a better alternative to manually downloading CRLs and
> restarting Radiator because openssl caches the CRL file.

Hello Alexander. Radiator does not support OCSP. I checked about the
reasons, and there are two main issues: first, Net-SSLeay does not have
OCSP support. The second issue is the negative effect the latency and
performance are likely to cause. This of course is site specific, but
there's still the issue of missing support in the underlying modules.

Thanks,
Heikki

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.


More information about the radiator mailing list