Am 04.04.2011 18:02, schrieb Alan DeKok:
Jürgen Stader wrote:
When you cloned your RADIUS server, did you give the clone a different certificate afterwards? Since you didn't answer that question directly, it looks like a "yes". You' re right, but you can read this out of the lines. The two machines have different certificates. Signed from same CA. The original radius has a trusted certificate, signed by our CA. The clone has also a trusted certificate with its DN registred in DNS. I edited the corresponding section in eap.conf and placed the filename of the new certificate- and keyfile.
private_key_file = ${certdir}/roaming.key certificate_file = ${certdir}/roaming.pem
The certificates were generate with the same attributes (exept the DN). Which avoids answering the question.
The solution to the problem is simple. The answer is in front of you.
Alan DeKok. Looks like i'm blind...please give me a hint ;-)