Quick question RE: FreeRADIUS Trusted Root CA List

Cerney, Lawrence Lawrence.Cerney at flukenetworks.com
Fri Feb 1 19:39:27 CET 2008 

I work in a test environment and need to test with certs created with
different CA's.  I haven't been able to get more than one CA at a time
to work. I've got 8 CA's and I need to keep 7 commented out for the
certs to authenticate.

The question is can FreeRADIUS support more than one CA at a time, and
if so how?

FreeRADIUS 1.0.0-Pre3

tls {
                        private_key_password = password
                        private_key_file = /etc/1x/freeradius.pem
                        #private_key_file = /etc/1x/server512.pem
                        #private_key_file = /etc/1x/server1024.pem
                        #private_key_file = /etc/1x/server1024v3.pem
                        #private_key_file = /etc/1x/server1536.pem
                        #private_key_file = /etc/1x/server2048.pem
                        #private_key_file = /etc/1x/server4096.pem

                        #  If Private key & Certificate are located in
                        #  the same file, then private_key_file &
                        #  certificate_file must contain the same file
                        #  name.
                        certificate_file = /etc/1x/freeradius.pem
                        #certificate_file = /etc/1x/server512.pem
                        #certificate_file = /etc/1x/server1024.pem
                        #certificate_file = /etc/1x/server1024v3.pem
                        #certificate_file = /etc/1x/server1536.pem
                        #certificate_file = /etc/1x/server2048.pem
                        #certificate_file = /etc/1x/server4096.pem

                        #  Trusted Root CA list
                        CA_file = /etc/1x/FlukeNetWotter.pem
                        #CA_file =
/usr/local/etc/raddb/certs/PV_512_CA.pem
                        #CA_file =
/usr/local/etc/raddb/certs/PV_768_CA.pem
                        #CA_file =
/usr/local/etc/raddb/certs/PV_1024_CA.pem
                        #CA_file =
/usr/local/etc/raddb/certs/PV_1280_CA.pem
                        #CA_file =
/usr/local/etc/raddb/certs/PV_1536_CA.pem
                        #CA_file =
/usr/local/etc/raddb/certs/PV_1792_CA.pem
                        #CA_file =
/usr/local/etc/raddb/certs/PV_2048_CA.pem
                        dh_file = ${raddbdir}/certs/dh
                        random_file = ${raddbdir}/certs/random
thanks...

Larry

This message (including any attachments) contains confidential 
and/or proprietary information intended only for the addressee.  
Any unauthorized disclosure, copying, distribution or reliance on 
the contents of this information is strictly prohibited and may 
constitute a violation of law.  If you are not the intended 
recipient, please notify the sender immediately by responding to 
this e-mail, and delete the message from your system.  If you 
have any questions about this e-mail please notify the sender 
immediately.

More information about the Freeradius-Users mailing list