Walk through for External CA usage
Mathieu Simon (Lists)
matsimon.lists at simweb.ch
Wed Apr 2 06:58:30 CEST 2014
Am 02.04.2014 01:30, schrieb Alan DeKok:
> Sam Fakhreddine wrote:
>> Does anyone have a walk through for how to use external certs instead of
>> the internal certification?
>
> I'm not sure what that means. The certificates are just files. If
> you have a certificate, you can just put it into raddb/certs/, and tell
> FreeRADIUS to use it.
>
>> The internet is full of copy-paste from the documents on how to use the
>> internal cert authority.
>
> I would separate *creating* the certs from *using* them.
>
> The process of creating certs is complicated, but documented:
>
> http://deployingradius.com/documents/configuration/certificates.html
>
> Using certs is just editing the configuration files, and pointing to
> the correct files.
If you follow Alans recommendation to "leave the Validate Server
Certificate box (or equivalent) un-checked" you are likely to get to a
quick working result. If you plan to do verification on the client side
and not just ignore its content you have to send intermediate
certificates (the correctly ordered way).
https://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg84043.html
Alan: I think some of us lurkers including myself got the message on the
list... if you want (even) better doc, contribute.
-- Mathieu
---
Diese E-Mail ist frei von Viren und Malware, denn der avast! Antivirus Schutz ist aktiv.
http://www.avast.com
More information about the Freeradius-Users
mailing list