Installing Third Part Certificate on FreeRadius

McSparin, Joe jmcsparin at hillcountrymemorial.org
Tue Dec 27 20:16:18 CET 2011


I notice that the existing server.pem file contains the locality and
organization name and so forth along with a local key id before it lists
the cert chain.  Is there something I need to do to generate this? 


Joseph R. McSparin
Network Administrator
Hill Country Memorial Hospital
830 990 6638 phone
830 990 6623 fax
jmcsparin at hillcountrymemorial.org

-----Original Message-----
From:
freeradius-users-bounces+jmcsparin=hillcountrymemorial.org at lists.freerad
ius.org
[mailto:freeradius-users-bounces+jmcsparin=hillcountrymemorial.org at lists
.freeradius.org] On Behalf Of Jacob Dawson
Sent: Tuesday, December 27, 2011 12:41 PM
To: FreeRadius users mailing list
Subject: Re: Installing Third Part Certificate on FreeRadius

Yup, there's a difference.  You'll want to put the cert chain in the pem
file so that it's available for clients when you present your cert for
the first time.  Just put the cert all by itself in the crt file.

I'm about to go swap them out on our systems, so I'll review to see if
there was anything else odd about it.

Jacob M. Dawson
Network Research Engineer
Virginia Tech

On 27 Dec 2011, at 12:41, McSparin, Joe wrote:

> I have a certificate called AddTrustExternalCARoot.crt that I would
like to have FreeRadius start using.  I know I need to change the
eap.conf to look at the new cert however I was noticing that when the
test certificates are created there is both a server.crt and server.pem.
Is there a difference and do I need to do something to create a
AddTrustExternalCARoot.pem file.
> 
> Thanks,
> 
> Joseph R. McSparin
> Network Administrator
> Hill Country Memorial Hospital
> 830 990 6638 phone
> 830 990 6623 fax
> jmcsparin at hillcountrymemorial.org
> 
> 
> This email message and any attachments are for the sole use of the
intended recipient(s) and contain confidential and/or privileged
information. Any unauthorized review, use, disclosure or distribution is
prohibited. If you are not the intended recipient, please contact the
sender by reply email and destroy all copies of the original message and
any attachments.
> 
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html


-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html

-- 
This email message and any attachments are for the sole use of the intended recipient(s) and contain confidential and/or privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message and any attachments.






More information about the Freeradius-Users mailing list