279a0afffb
GnuTLS has a hardcoded three day limit on OCSP response age regardless of the next update value in the response. To make this work in the test scripts, try to generate a new response when starting the authentication server. The old mechanism of a response without next update value is used as a backup option if openssl is not available or fails to generate the response for some reason. Signed-off-by: Jouni Malinen <j@w1.fi>
21 lines
603 B
Text
21 lines
603 B
Text
driver=none
|
|
radius_server_clients=auth_serv/radius_clients.conf
|
|
radius_server_acct_port=1813
|
|
eap_server=1
|
|
eap_user_file=auth_serv/eap_user.conf
|
|
|
|
interface=as
|
|
ctrl_interface=/var/run/hostapd
|
|
ctrl_interface_group=admin
|
|
|
|
ca_cert=auth_serv/ca.pem
|
|
server_cert=auth_serv/server.pem
|
|
private_key=auth_serv/server.key
|
|
ocsp_stapling_response=LOGDIR/ocsp-server-cache.der
|
|
server_id=server.w1.fi
|
|
eap_sim_db=unix:/tmp/hlr_auc_gw.sock
|
|
dh_file=auth_serv/dh.conf
|
|
pac_opaque_encr_key=000102030405060708090a0b0c0d0e0f
|
|
eap_fast_a_id=101112131415161718191a1b1c1d1e1f
|
|
eap_fast_a_id_info=test server
|
|
eap_sim_aka_result_ind=1
|