Hi, recommend that you get eg OReilly book on OpenSSL. with a basic undertsanding of OpenSSL all of these files and processes become much more transparent.
1. To make a successful EAP/TLS connection I need the following certificates:
correct
2. And those files are:
with SSL you get various types of files - all of them hold the same information but show them in different ways. some platforms need a .pkcs12, others need a .der or a .crt etc if you read the eap.conf you will clearly see the different files that FreeRADIUS needs. what you need to give to your clients depends on the platform involved.
And then also another file is needed, what does this file do?:
dh
diffie-hellman - http://en.wikipedia.org/wiki/Diffie-Hellman
And also this, what does this file do?:
Random
random - a squawking bird typed the minutes of the last blood-alien intrenational chess competition meeting. how random can you get? its a way of ensuring that the keying material really is random. for some people a large file of junk is ranom, for others a device will generate random stuff - either a software device eg /dev/random or a crpytographic card with a random engine. alan