Supplicant seems not to send password user
tnt at kalik.co.yu
tnt at kalik.co.yu
Tue Oct 2 21:52:02 CEST 2007
Use default values:
private_key_password = whatever
private_key_file = ${raddbdir}/certs/cert-srv.pem
certificate_file = ${raddbdir}/certs/cert-srv.pem
CA_file = ${raddbdir}/certs/demoCA/cacert.pem
Root contains the key as well. You export root.der to XP clients.
Ivan Kalik
Kalik Informatika ISP
Dana 2/10/2007, "Sergio Belkin" <sebelk at gmail.com> piše:
>2007/10/2, Ivan Kalik <tnt at kalik.co.yu>:
>>
>>
>> OK. Had some time to look at your certificates. You have created a server
>> certificate but not the (signed) root one. Instead you used and exported
>> cacert. Also your server cert and private keys are separate while in your
>> tls config you configured them as a same file. Have a look at CA.all script
>> that comes with the freeradius distribution (or better use it) to see how it
>> should be done. It places the key in the same file as the certificate.
>>
>> Ivan Kalik
>> Kalik Informatika ISP
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>
>
>Hi Ivan thanks for your time. I've deleted those files and recreated
>with certs.sh and CA.all.
>Now I have signed certificates in der, p12 and pem formats. What of
>these ones should I use in eap.conf.
>I don't understand something, root one is not "cacert.*" ?
>--
>--
>Sergio Belkin -
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
More information about the Freeradius-Users
mailing list