client certs signed by server certs
Piotr Honik
piotr.honik at handso.pl
Tue Sep 15 11:50:36 CEST 2009
Hi,
I found a problem with a client cert in Windows certificate store, after
all three certs have been installed. The server cert is considered
invalid, because it lacks the privilege to sign further certs.
I hacked the Makefile a little bit, to generate client certs signed by
CA cert, not by the server certs. This way, CA signs both certs and only
the CA and client certs are required for Windows systems, and after
successful installation both are considered valid.
I do understand that eliminating server cert has a security impact, but
where should it be installed?
__________ Informacja programu ESET Smart Security, wersja bazy sygnatur wirusow 4425 (20090914) __________
Wiadomosc zostala sprawdzona przez program ESET Smart Security.
http://www.eset.pl lub http://www.eset.com
More information about the Freeradius-Users
mailing list