virtual server configuration

usawebbox at fastmail.fm usawebbox at fastmail.fm
Thu Mar 13 10:36:07 CET 2008


>   It also says:
> 			#  If CA_file (below) is not used, then the
> 			#  certificate_file below MUST include not
> 			#  only the server certificate, but ALSO all
> 			#  of the CA certificates used to sign the
> 			#  server certificate.
> 
>   Please read ALL of the comments in a module you are configuring.
> Selectively reading them means that you miss vital information.
> 
>   Alan DeKok.

Except that my server cert does contain a CA cert. I'm not 100% sure
it's sufficient, because it was issued from an intermediate CA (it needs
to be the signer(s) not the issuer, right?), so I went to another CA got
a webserver cert in pem format directly from the root. Downloaded the
root CA cert in pem format and appended them.... same error:

Error reading Trusted root CA list (null)

Do we know this mode is working (No CA_File, but certificate file with
server cert + ca cert)? In any case, I'd be willing to experiment more.
-- 
  
  usawebbox at fastmail.fm

-- 
http://www.fastmail.fm - Access your email from home and the web




More information about the Freeradius-Users mailing list