radiusd -X On First Boot

Fajar A. Nugraha fajar at fajar.net
Tue Jan 5 23:07:38 CET 2010


On Wed, Jan 6, 2010 at 3:37 AM, John Dennis <jdennis at redhat.com> wrote:
> 2) The certificates created are *temporary* and *not* intended for
> production use. As such it's always a good idea to bring this crucial fact
> to the attention of the person installing the server. No better way to make
> them aware of this than forcing them to perform a manual step. Otherwise
> they'll blindly think everything is hokey-dokey and deploy the server with
> temporary self-signed certs.

RHEL's mod_ssl RPM creates and uses self-signed certs by default. For
consistency reasons, both freeradius and mod_ssl should have the same
behaviour regarding self-signed certs.

-- 
Fajar



More information about the Freeradius-Users mailing list