SSL Cert & bootstrap script
Alan DeKok
aland at deployingradius.com
Thu Dec 11 15:39:43 CET 2008
Charles Plater wrote:
> I've used the bootstrap script to build certs for our radius server
> (2.0.5 on FreeBSD) and I've set all of the .cnf files w/ the following:
>
> default_days = 3650
> default_crl_days = 3650
>
>
> My problem is that the ca.der file that is created has an expiration
> date of 30 days. Can anyone point me in the direction of what I'm doing
> wrong?
It's a bug in OpenSSL.
The FreeRADIUS files were fixed to work around this in version 2.1.3.
You can grab the fixes in raddb/certs/Makefile.
Alan DeKok.
More information about the Freeradius-Users
mailing list