freeradius and certs
K. Hoercher
wbhoer at gmail.com
Fri Jun 23 16:34:44 CEST 2006
The .pem .p12 and .der are just typical endings of filenames
containing certs in different 'styles'. FR will use the .pem ones
(default in openssl, I think). windows in general is more easily
convinced to accept .der.
Assuming you talk about some eap-* usage, FR alone, in most
circumstances, will only need 1 root and 1 server certificate (might
be helpfully named root* and cert-srv*), encoded in PEM format, thus
*.pem.
Whatever you run as supplicant on what OS determines what sort of
client certificate (and eventually root certificate, perhaps in
different encoding than the one above) you need.
So depending on what you're actually trying to achieve, you only need
a subset of the3x3-matrix you listed.
regards
K. Hoercher
More information about the Freeradius-Users
mailing list