[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: TLS questions
From: Alex Sharaz via Freeradius-Users <freeradius-users () lists ! freeradius ! org>
Date: 2019-11-19 10:54:05
Message-ID: 2E91EF8F-46E1-4BEE-8B28-5D6F85CD59D0 () york ! ac ! uk
[Download RAW message or body]
ok Thanks
Think I need to apply my site specific changes to the 3.0.20 baseline config files
Rgds
Alex
Sent from my iPhone
> On 19 Nov 2019, at 10:41, Matthew Newton <mcn@freeradius.org> wrote:
>
> On Tue, 2019-11-19 at 10:25 +0000, Alex Sharaz via Freeradius-Users
> wrote:
>> 1). I'm looking to reject external incoming TLS auth . requests with
>> client certs containing a specific pattern in their CN.
>>
>> Other than configuring check-eap-tls and linking it into
>> /etc/freeradius/sites-enabled, is there anything else I need to do ?
>
> Enable virtual_server in mods-available/eap tls{} section to point to
> it.
>
>> 2). I've just downloaded 3.0.20 and when firing up on my test server
>> I get a message recommending that I set min_tls to 1.2 ..... fine
>> but where do I configure it?
>
> Typo, thanks - fixed.
>
> It's tls_min_version, in mods-available/eap.
>
> --
> Matthew
>
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic