Reloading CRL for EAP-TLS
jan at tomasek.cz
Mon Feb 4 16:59:51 CET 2008
Alan DeKok wrote:
> Jan Tomasek wrote:
>> When CRL is changed on disk during freeRadius is running it never
>> notices changed version and still uses older cached. This behavior come
>> from OpenSSL I guess. For my implementation is this serious problem.
>> Complete restart of freeRadius will break ongoing EAP sessions and
>> introduce random problems with service for users
>> Is there chance to get this fixed?
> 2.0 handles HUP better. It is easier to fix this issue in 2.0.
> Right now, 2.0 doesn't re-load CRL's on HUP. It doesn't crash, either...
I understand that you are not planing to fix that for old freeRadius
1.1.x. I was testing on this version because majority of eduroam admins
are using this version.
Are you planing improve CRL support in version 2.0 in some near future?
Jan Tomasek aka Semik
More information about the Freeradius-Users