<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Jouni Malinen schrieb:
<blockquote cite="mid:20090318164855.GA15738@jm.kir.nu" type="cite">
<pre wrap="">On Wed, Mar 18, 2009 at 05:12:58PM +0100, Norbert Wegener wrote:
</pre>
<blockquote type="cite">
<pre wrap="">For testing eap/tls authenticatiopn in freeradius I use a git
version(around 2 month old) of eapol_test.
This works fine in general, but I found htat eapol_test accepts expired
certificates that the radius server hands out.
</pre>
</blockquote>
<pre wrap=""><!---->
How did you configure eapol_test? If it is configured to validate the
server certificate (i.e., ca_cert is set), it should reject expired
certificates. If ca_cert is not set, the exact behavior depends on which
TLS library you are using (if I remember correctly, OpenSSL ends up
allowing the connection while the internal TLS implementation will
reject the expired certificate).
</pre>
</blockquote>
Ah, ca_cert had been missing in the config. That's it.<br>
Thanks<br>
Norbert Wegener<br>
<br>
<br>
<br>
<div class="moz-signature">-- <br>
<pre><font face="Arial, sans-serif"><font size="2">----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------</font></font>
<font face="Arial, sans-serif"><font size="2">Norbert Wegener</font></font>
<font face="Arial, sans-serif">Siemens IT Solutions and Services GmbH & Co. OHG</font>
<font face="Arial, sans-serif">SIS GO NW PSU2</font>
<font face="Arial, sans-serif">Kruppstraße 16 </font>
<font face="Arial, sans-serif">D-45128 Essen </font>
<font face="Arial, sans-serif">Phone : +49 (0) 201 816-3116</font>
<font face="Arial, sans-serif">Fax. : +49 (0) 201 816-5581284</font>
<font face="Arial, sans-serif"><a class="moz-txt-link-freetext"
href="mailto:norbert.wegener@siemens.com">mailto:norbert.wegener@siemens.com</a></font></pre>
<br>
<pre><font face="Arial"><font style="font-size: 8pt;" size="1">Siemens IT Solutions and ServicesGmbH & Co. OHG</font></font>
<font face="Arial"><font style="font-size: 8pt;" size="1">Offene Handelsgesellschaft, Sitz der Gesellschaft: München; Registergericht: München, HRA 69235;</font></font>
<font face="Arial"><font style="font-size: 8pt;" size="1">Geschäftsführende Gesellschafterin: Siemens Business Services Beteiligungs-GmbH, </font></font>
<font face="Arial"><font style="font-size: 8pt;" size="1">Geschäftsführer: Christoph Kollatz, Vorsitzender; Jürgen Frischmuth, Michael Schulz-Drost;</font></font>
<font face="Arial"><font style="font-size: 8pt;" size="1">Sitz der Gesellschaft: München; Registergericht: München, HRB 50462; </font></font>
<font face="Arial"><font style="font-size: 8pt;" size="1">Weitere Gesellschafter: Siemens Business Services Investment GmbH & Co. KG,</font></font>
<font face="Arial"><font style="font-size: 8pt;" size="1">Sitz der Gesellschaft: München; Registergericht: München, HRA 86893; </font></font>
<font face="Arial"><font style="font-size: 8pt;" size="1">Persönlich haftende Gesellschafterin der Siemens Business Services Investment GmbH & Co. KG: </font></font>
<font style="font-size: 8pt;" size="1"><font face="Arial">Siemens Business Services Beteiligungs-GmbH, Geschäftsführer: Christoph Kollatz, Vorsitzender; Jürgen Frischmuth, Michael Schulz-Drost; Sitz der Gesellschaft: München; Registergericht: München, HRB 50462 WEEE-Reg.Nr. DE 88294312</font></font>
</pre>
<p><br>
</p>
</div>
</body>
</html>