Cert issues

[Alan DeKok]

  Please respond to the original email, not a digest, and use a good
subject line.  It helps other people track the conversation.

Gilmour, Scott wrote:
> Alan,
> I already have certificates created on my 2008 Server so I want to use those certificates on my Ubuntu Server without creating new ones.

  That's fine.

> You mentioned my openssl configuration is wrong.  Any suggestions on how I can fix the openssl configuration?

  The file raddb/certs/Makefile creates good certificates.  The *cnf
files in the same directory create good certificates.  I don't know what
you're doing different, and it isn't really useful to look.

  Grab the certificate creation commands from the Makefile, and use
those.  Modify them to point to your files.  It *will* work.

  There's a lot of magic in creating good certs.  That magic is embedded
in the existing Makefile and config files.  Use them, they will make
your life easier.

  Alan DeKok.