intermediate certificate handling

Alan Buxey A.L.M.Buxey at
Fri Sep 25 16:32:51 CEST 2009


not really covered on the WIKI and there is some stuff on the mailing list
archives so it would be good for some clarification.

if a RADIUS server has a certificate that has been signed by an intermediate
certificate, what is the corretc process to ensure that the client is
happy with the RADIUS cert. I believed that the process is something like

certificate_file = server.crt

where server.crt contains the server cert, the intermediate cert and then the root 
cert all concatenated together

..and then 


which isnt used at all for PEAP or EAP-TTLS can then be just ignored.

I , personally, have a self signed cert as per recommendation 

but is the above generally correct


More information about the Freeradius-Users mailing list