PEAP/MSCHAPv2 problem
Jürgen Stader
juergen.stader at hs-furtwangen.de
Mon Apr 4 19:00:06 CEST 2011
Am 04.04.2011 18:02, schrieb Alan DeKok:
> Jürgen Stader wrote:
>>> When you cloned your RADIUS server, did you give the clone a different
>>> certificate afterwards?
> Since you didn't answer that question directly, it looks like a "yes".
You' re right, but you can read this out of the lines. The two machines
have different certificates. Signed from same CA.
>> The original radius has a trusted certificate, signed by our CA. The
>> clone has also a trusted certificate with its DN registred in DNS.
>> I edited the corresponding section in eap.conf and placed the filename
>> of the new certificate- and keyfile.
>>
>> private_key_file = ${certdir}/roaming.key
>> certificate_file = ${certdir}/roaming.pem
>>
>> The certificates were generate with the same attributes (exept the DN).
> Which avoids answering the question.
>
> The solution to the problem is simple. The answer is in front of you.
>
> Alan DeKok.
Looks like i'm blind...please give me a hint ;-)
More information about the Freeradius-Users
mailing list