Quick question RE: FreeRADIUS Trusted Root CA List
Cerney, Lawrence
Lawrence.Cerney at flukenetworks.com
Fri Feb 1 19:39:27 CET 2008
I work in a test environment and need to test with certs created with
different CA's. I haven't been able to get more than one CA at a time
to work. I've got 8 CA's and I need to keep 7 commented out for the
certs to authenticate.
The question is can FreeRADIUS support more than one CA at a time, and
if so how?
FreeRADIUS 1.0.0-Pre3
tls {
private_key_password = password
private_key_file = /etc/1x/freeradius.pem
#private_key_file = /etc/1x/server512.pem
#private_key_file = /etc/1x/server1024.pem
#private_key_file = /etc/1x/server1024v3.pem
#private_key_file = /etc/1x/server1536.pem
#private_key_file = /etc/1x/server2048.pem
#private_key_file = /etc/1x/server4096.pem
# If Private key & Certificate are located in
# the same file, then private_key_file &
# certificate_file must contain the same file
# name.
certificate_file = /etc/1x/freeradius.pem
#certificate_file = /etc/1x/server512.pem
#certificate_file = /etc/1x/server1024.pem
#certificate_file = /etc/1x/server1024v3.pem
#certificate_file = /etc/1x/server1536.pem
#certificate_file = /etc/1x/server2048.pem
#certificate_file = /etc/1x/server4096.pem
# Trusted Root CA list
CA_file = /etc/1x/FlukeNetWotter.pem
#CA_file =
/usr/local/etc/raddb/certs/PV_512_CA.pem
#CA_file =
/usr/local/etc/raddb/certs/PV_768_CA.pem
#CA_file =
/usr/local/etc/raddb/certs/PV_1024_CA.pem
#CA_file =
/usr/local/etc/raddb/certs/PV_1280_CA.pem
#CA_file =
/usr/local/etc/raddb/certs/PV_1536_CA.pem
#CA_file =
/usr/local/etc/raddb/certs/PV_1792_CA.pem
#CA_file =
/usr/local/etc/raddb/certs/PV_2048_CA.pem
dh_file = ${raddbdir}/certs/dh
random_file = ${raddbdir}/certs/random
thanks...
Larry
This message (including any attachments) contains confidential
and/or proprietary information intended only for the addressee.
Any unauthorized disclosure, copying, distribution or reliance on
the contents of this information is strictly prohibited and may
constitute a violation of law. If you are not the intended
recipient, please notify the sender immediately by responding to
this e-mail, and delete the message from your system. If you
have any questions about this e-mail please notify the sender
immediately.
More information about the Freeradius-Users
mailing list