suddenly problem with certificates / error in SSLv3 read client certificate B
Stephan Manske
gmane-reply at stephan.manske-net.de
Wed Jan 23 22:33:03 CET 2013
Am 23.01.2013, 21:13 Uhr, schrieb Alan DeKok <aland at deployingradius.com>:
> Stephan Manske wrote:
>> I think I found the issue:
> ...
>> makes ca.key dependant to the date of index.txt and serial
>>
>> Both files are updated every time a new client cert is build. IMHO.
>
> OK. That's a better explanation than "FreeRADIUS is wrong".
>
> There's a fix on github, which will be in 2.2.1.
ca.key ca.pem: ca.cnf
@[ -f index.txt ] || $(MAKE) index.txt
@[ -f serial ] || $(MAKE) serial
openssl req -new -x509 -keyout ca.key -out ca.pem \
-days $(CA_DEFAULT_DAYS) -config ./ca.cnf
I am only a make noob, but is there a reason not to use
order-only-prerequisites?
"Occasionally, however, you have a situation where you want to impose a
specific ordering on the rules to be invoked without forcing the target to
be updated if one of those rules is executed. In that case, you want to
define order-only prerequisites. Order-only prerequisites can be specified
by placing a pipe symbol (|) in the prerequisites list: any prerequisites
to the left of the pipe symbol are normal; any prerequisites to the right
are order-only:
targets : normal-prerequisites | order-only-prerequisites"
Does this work with specific make commands only? So you cannot use it in
freeradius to be compatible?
Ciao, Stephan
More information about the Freeradius-Users
mailing list