Decoupled accounting

[Devinder Singh]

Ok once i have made the changes shoud i repeat the steps in the

/etc/raddb/README to generate the certs , server and client once again?



2009/8/4 Ivan Kalik <tnt at kalik.net>:
>> ok could you let me know what do i need to alter in the Make File.
>>
>> Just wanted to make sure i dont do something wrong here
>>
>> What are the steps that i need to take to do this.
>>
>> I can see a Makefile in /etc/raddb/certs
>
> I don't know much about makefiles. I have altered one using "hit and miss"
> method.
>
> Alter the client section like this:
>
> client.csr client.key: client.cnf
>        openssl req -new  -out client.csr -keyout client.key -config
> ./client.cnf
>
> client.crt: client.csr ca.pem ca.key index.txt serial
>        openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr
> -key $(PASSWORD_CA) -out client.crt -extensions xpclient_ext
> -extfile xpextensions -config ./client.cnf
>
> client.p12: client.crt
>        openssl pkcs12 -export -in client.crt -inkey client.key -out
> client.p12  -passin pass:$(PASSWORD_CLIENT) -passout
> pass:$(PASSWORD_CLIENT)
>
> client.pem: client.p12
>        openssl pkcs12 -in client.p12 -out client.pem -passin
> pass:$(PASSWORD_CLIENT) -passout pass:$(PASSWORD_CLIENT)
>        cp client.pem $(USER_NAME).pem
>
> .PHONY: server.vrfy
> client.vrfy: ca.pem client.pem
>        c_rehash .
>        openssl verify -CApath . client.pem
>
>
> Ivan Kalik
> Kalik Informatika ISP
>
>



-- 
Devinder