radsecproxy December 2020

radsecproxy@lists.nordu.net

2 participants
2 discussions

Adding support for dynamic authorisation messages (CoA/Disconnect)

by Harshit Jain

Hello, I was looking to add support for Dynamic Authorization Messages - Change of Authority (CoA) and Disconnect messages - to radsecproxy. RFC for this can be found here - https://tools.ietf.org/html/rfc5176 . Before diving headfirst, I wanted to ask if it is already on the roadmap or if there has been a design discussion that I can read up on. Thanks and regards, Harshit Jain

3 years, 11 months

Why is tlsreloadcrls() only reloading CA and CRLs and not client certs ?

by Imtiyaz Mohammad

Hello Fabian/Others, We were trying to handle the client certificate expiry using the SIGHUP mechanism that invokes *tlsreloadcrls*(). Just realized that the designated role for this function is to only reload CAs and CRLs and not client certificates. What was the intention behind this ? I would assume that since the CA certificates are used to sign the client certificates, A re-read / re-cache of just the CA certificates does not make sense as the client certificates were signed by an earlier version of the CA certificate and we are still working with the cached copies. Thanks Imtiyaz

4 years, 3 months

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

radsecproxy December 2020