Help with 802.1x Certificate

Phil Mayers p.mayers at imperial.ac.uk
Fri Sep 14 16:55:49 CEST 2012


On 14/09/12 15:38, Tyller D wrote:
>
>
> On Fri, Sep 14, 2012 at 4:07 PM, Alan DeKok <aland at deployingradius.com
> <mailto:aland at deployingradius.com>> wrote:
>
>     Tyller D wrote:
>      > I have everything configured and working when I disabled "validate
>      > server Certificate" on windows.
>      > I have a wildcard certificate purchased from godaddy.com
>     <http://godaddy.com>.
>
>        I'm not sure that will work.
>
> Is there a reason for that? Godaddy is in the list of servers to
> validate against?

The wildcard might cause difficulty.

On the other hand, Windows might pay the wildcard no attention.

> My question is, all the certificates leading to the  server certifcate -
> where do I add them?

In the same file. This is documented in the default eap.conf:

#  If CA_file (below) is not used, then the
#  certificate_file below MUST include not
#  only the server certificate, but ALSO all
#  of the CA certificates used to sign the
#  server certificate.
certificate_file = ${certdir}/server.pem

That is, you put the sever, intermediate and (optionally) root cert into 
${certdir}/server.pem


More information about the Freeradius-Users mailing list