<br><br><div class="gmail_quote">On Tue, Jan 8, 2013 at 6:45 PM, John Dennis <span dir="ltr"><<a href="mailto:jdennis@redhat.com" target="_blank">jdennis@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im">On 01/08/2013 05:10 AM, Ajay Garg wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Could you please specify the order of scripts to be run, so that proper<br>
certificates may be generated - both for the server, and the client? :P<br>
</blockquote>
<br></div>
You were given the answer. It's not just a matter of running the scripts it also requires knowing what the scripts output and how to configure *both* the client and the server with the script output.<br>
<br>
You've never explained what you're doing in any detail, especially with regard to where you're generating the client cert. In a previous email I explained what the server needs and what the client needs. Now you're going to have to put that information to use. You really do have to invest the energy into learning how the pieces fit together.</blockquote>
<div><br>Ok.. so here goes what I have been wanting to accomplish :P<br><br><br>ROUTER-SIDE ::<br>===========<br><br>a)<br>Configure the router to do WPA/WPA2-Enterprise authentication.<br><br>b)<br>The authentication is to be done via a freeradius-server.<br>
<br>c)<br>I connect a wired-cable between the router and the freeradius-server-machine, to have a physical medium via which the router and the server may talk.<br><br><br>SERVER-SIDE ::<br>===========<br><br>a)<br>Freeradius-server is running on Fedora-17 (freeradius-2.2.0-0.fc17.i686)<br>
<br>b)<br>After installing freeradius, the certificates are generated via (on Fedora-17 machine) ::<br><br> su -<br> rm /etc/raddb/modules/dhcp_sqlippool<br>
cd /etc/raddb/certs<br> make destroycerts<br> make<br> make client<br>
chmod 0644 client.p12<br> chmod 0644 ca.pem<br><br>c)<br>Now, the freeradius is started on the Fedora-17 machine as ::<br><br> sudo /usr/sbin/radiusd -X &<br>
<br>Server runs fine.<br><br><br><br>CLIENT-SIDE ::<br>===========<br><br>a)<br>THE SAME FEDORA-17 MACHINE ACTS AS THE CLIENT TOO :)<br><br>b)<br>Now, from the gnome-panel applet, I try connecting to the WPA/WPA-2 Enterprise network, by setting the following settings ::<br>
<br> Wireless Security : WPA/WPA2-Enterprise<br> Authentication : TLS<br> Identity : Anonymous<br>
User Certificate : /etc/raddb/certs/client.p12<br> CA Certificate : /etc/raddb/certs/ca.pem<br>
Private Key : /etc/raddb/certs/client.p12<br> Private Key Password : whatever<br><br><br>c)<br>I click the "Connect" button.....<br>
<br><br><br>and then the dreaded logs happen :(<br><br><br><br><br> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div class="HOEnZb"><div class="h5">
<br>
<br>
-- <br>
John Dennis <<a href="mailto:jdennis@redhat.com" target="_blank">jdennis@redhat.com</a>><br>
<br>
Looking to carve out IT costs?<br>
<a href="http://www.redhat.com/carveoutcosts/" target="_blank">www.redhat.com/carveoutcosts/</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Regards,<br>Ajay<br>