4 Apr
2011
4 Apr
'11
12:02 p.m.
Jürgen Stader wrote:
When you cloned your RADIUS server, did you give the clone a different certificate afterwards?
Since you didn't answer that question directly, it looks like a "yes".
The original radius has a trusted certificate, signed by our CA. The clone has also a trusted certificate with its DN registred in DNS. I edited the corresponding section in eap.conf and placed the filename of the new certificate- and keyfile.
private_key_file = ${certdir}/roaming.key certificate_file = ${certdir}/roaming.pem
The certificates were generate with the same attributes (exept the DN).
Which avoids answering the question. The solution to the problem is simple. The answer is in front of you. Alan DeKok.