Certificate information

Alan DeKok aland at deployingradius.com
Mon Mar 30 17:35:46 CEST 2015


On Mar 30, 2015, at 11:28 AM, Franks Andy (IT Technical Architecture Manager) <Andy.Franks at sath.nhs.uk> wrote:
>  I need to be clearer on this obviously. We have a situation where one or two senior engineers are changing infrastructure and not being open about it, they do not want to do the "teamwork" thing and I politically cannot force them to do so since they operate at the same level as me, hence me trying to check the certificate presented to see if it fell into the "acceptable" template created at the project start. It's not ideal, but the technology route will be quicker route to resolution. Politics!
> End users cannot create certificates.

  It's weird, but if you don't want to use a CA... 

> I'll re-read the docs, but the sites-enabled/default seems to be the main place where the TLS-* attributes are mentioned.

  They're in the default configuration.  Maybe someone deleted them.

> Not sure about the 3.1.0 thing - my version says: 
> freeradius: FreeRADIUS Version 3.1.0 (git #1411859), for host x86_64-unknown-linux-gnu, built on Aug  5 2014 at 17:42:11
> Copyright (C) 1999-2014 The FreeRADIUS server project and contributors
> ?

  You installed the "master" branch from git.  Don't do that.  Use a released version.

  Alan DeKok.




More information about the Freeradius-Users mailing list