[RADIATOR] CRLs not working with EAP TLS
Markus Moeller
huaraz at moeller.plus.com
Mon Mar 24 16:59:18 CDT 2014
Hi
I have setup EAP-TLS for wired 802.1x using CRLCheck, but I noticed that despite having the certificate serial number in the CRL Radiator still accepts the presented certificate ( I also can see Radiator re-read the CRL file) . I was trying to verify that the serial numbers match using the EAPTLS_CertificateVerifyHook function but can’t extract the certificate serial number. I tried with my $ai = &Net::SSLeay::X509_get_serialNumber($x509); which I read does not give the serial number but an ASN.1 encoded string. Does anybody have a tool which converts it into a serial number which I can compare to the CRL serial number ?
Does anybody has CRL working for EAP TLS ?
Thank you
Markus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20140324/ac18a5ae/attachment-0001.html
More information about the radiator
mailing list