Peter Carlstedt wrote:
I got some questions regarding how to make a certificate that works towards windows clients while running Freeradius with PEAP.
The howto's are detailed, and should be relatively clear.
Well I have read on the wiki for Freeradius about making a standalone cert for windows clients (root cert) but why do i need that installed on the windows clients when i want to run peap?
Because that's how peap works.
Isn´t peap meant to work in the way that you shouldnt have to install stand alone certs in the users computers?
No.
Anyway... I dont really understand what it is that i need to do to make real certificates, I´ve read the "readme" file in raddb/certs but dont understand what it says. I have got ca.cnf anf ca.pem etc since i started the radius server the first time where it said that it made some certs, which i guess it test certificates... the readme file only says that i should remove the old ones but when i try to get into the certs folder through the terminal it says i do not have permission to go into that folder.. Im using Ubuntu Desktop and I dont know a way to get into the folder with the root other than typing "sudo cd certs" which do not work. :/
This is Unix 101. You need to be "root" to edit the files in that directory.
Can I ignore the part which says that I need to remove the certs created when i run the server the first time and just do changes in the ca.cnf?
Sure. And then it won't work. Alan DeKok.