On 03/06/2014 07:05 AM, Morris, Andi wrote:
Hi all,
I'm working on developing a high-availability setup PacketFence, which uses freeradius to authenticate users against our internal active directory server. I've just come to implement the production self-signed certificates as laid out in http://deployingradius.com/documents/configuration/ca_import.html and when I enable the "validate server certificate" box on my windows client I am asked to accept the certificate, which is expected as I haven't deployed the CA certificate yet, however I'm seeing "127.0.0.1" presented as the radius server name in the pop up box, rather than the actual hostname.
I can't seem to find why this is happening, and I'd rather that have the server hostnames in the trusted radius server list than something generic like 127.0.0.1.
Can anyone please point me in the right direction? Debug log attached.
This problem is not likely to be found in the debug log, you need to look at the contents of your certs. % openssl x509 -text -in cert_filename How were your certs generated? Are you using the bootstrap certs? -- John