3.11.3. TLS_CAPath Previous topic Parent topic Child topic Next topic

When TLS is enabled, this parameter specifies the name of a directory containing CA root certificates that may be required to validate TLS peer certificates. There must be one certificate per file and the certificates must be in PEM format. The files names are looked up by the CA ‘Subject Name’ hash value. Radiator looks for root certificates for RadSec connections in TLS_CAFile then in TLS_CAPath, so there usually is no need to set both.