Freeradius version? In new ones you should have all of them created as you install the server. Ivan Kalik Kalik Informatika ISP Dana 2/10/2007, "Sergio Belkin" <sebelk@gmail.com> piše:
2007/10/2, Sergio Belkin <sebelk@gmail.com>:
2007/10/2, Ivan Kalik <tnt@kalik.co.yu>:
OK. Had some time to look at your certificates. You have created a server certificate but not the (signed) root one. Instead you used and exported cacert. Also your server cert and private keys are separate while in your tls config you configured them as a same file. Have a look at CA.all script that comes with the freeradius distribution (or better use it) to see how it should be done. It places the key in the same file as the certificate.
Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Ivan thanks for your time. I've deleted those files and recreated with certs.sh and CA.all. Now I have signed certificates in der, p12 and pem formats. What of these ones should I use in eap.conf. I don't understand something, root one is not "cacert.*" ? -- -- Sergio Belkin -
And I don't know why but I only get client and server certificates but not root certificate using CA.all -- -- Sergio Belkin - - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html