EAP-TLS cert
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Fri May 16 10:17:57 CEST 2008
Hi,
> I've installed FreeRadius-2.0.4 and run fine.
> Here a few thing I had editted.
>
> Clients.conf
> client 192.168.0.0/24 {
> secret = testing123-1
> shortname = private-network-1
> }
>
> eap {
> default_eap_type = tls
> }
> ....
>
> tls {
> fragment_size =1024
> include_lenght = yes
> }
>
> users
> MarsindNet Cleartext_Password := "hello"
> Reply-Message = "Hello, %{User-Name}"
>
> Now..I want to test connecting with Windows XP but I could not find
> root.der or cert-clt.p12 like previous version has.
when you installed FR 2.0.x, if you did not supply your own certs, then the
first thing it would have done upon running is create its own new ones. they'll
be in $RADDB/certs - see the documentation for the files to use. if you
DID let FR generate them, they'll be snakeoil dummy certs that only last 30 days.
so you'll need to read the Makefile in the certs directory edit client.cnf and server.cnf
appopriately and remake them(!)
alan
More information about the Freeradius-Users
mailing list