problem with CA certificate using mschapv2

marcos deconya at
Wed Jan 21 14:03:35 CET 2015


Thanks, last information discovered is that CA certificate needs to have
the intermediate CA included, but there is no instructions about how to
do that. In Freeradius you need to create a ca-bundle file how apache?


For private content :-)
Public key 0x0C05942A895BD10E
FIngerprint 45B9 EC0B 58D5 B17C 8C37 95C3 0C05 942A 895B D10E

El 21/01/15 a las 13:11, Matthew Newton escribió:
> On Wed, Jan 21, 2015 at 12:38:31PM +0100, marcos wrote:
>> Yes, I was installing. The problem is that I don't know how to prepare
>> the CA certificate for the server part. Im using TERENA:
>>> If the intermediate certs are not installed on the client, are you
>>> sending them (in the right order) from the server?
>> Justly is the point where I don't know how to do. Only I discovered how
>> to add the CA, but no the Intermediate certificates. I need to prepare a
>> certificate joining all or I can mark different?
> Try:
>   Root CA cert installed on the client device.
> .pem certificate file on FreeRADIUS containing (in this order):
>   RADIUS server certificate
>   Intermediate certifiate
> The root CA should not be necessary here to send to the client, as
> it already has it and can check the chain it was sent from the
> server.
> Matthew

More information about the Freeradius-Users mailing list