Possible certificatre problem
kressner at synkro.dk
Sat Jul 2 16:47:10 CEST 2016
On 02-07-2016 15:59, Alan DeKok wrote:
>> On Jul 2, 2016, at 9:27 AM, Henrik Kressner <kressner at synkro.dk> wrote:
>> By the windows machine, what do you mean ?
> You said:
>>> Trying to connnect from a win 7, as described, via a hostapd based AP/NAS,
> I mean *that* windows machine.
> What other windows machine would there be?
>> Its unclear in the howto if the windows machine act as a AP/NAS og as af station on the WLAN.
> From the earlier quote, you're clear that the Windows machine is trying to connect, and that you have a separate AP.
> Now, you claim that you're not sure wether or not the Windows machine is acting as an AP.
> It's not complicated. You're making it complicated.
>> I have copyed ca.der to the AP/NAS (running on a RPI) and i have configured with this line in hostapd.conf file:
> You said you had a Windows machine. I said to copy the CA to the Windows machine. You copied the CA to the access point running hostap.
> Why are you making this difficult?
> Alan DeKok.
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thanks for you comment, but now you are making assumtion.
I did asume that the station was the one that needed a certificat, but
it did not say so in the howto, so I had to ask.
And by the way, the howto say it is NOT needed to make a client
certificate, so I should not asume there is a client, even though make
is trying to make af client certificate, and ends up with an error, if
you dont configure it.
And again, a client in radius enviroment MUST BE a NAS, so howto is not
Mayby thats why so many peable ask so many silly quistions.
I could be complaining about the bad documentation, theres no need for
that, it's bad, the hole net knows it, so let us try to do something
I would happely help making documentation for freeradius, I am wery good
at that, but before I can do that, i need to find out how it work.
To me it looks like there is a need for certificate at the station, this
means that self signed certificat is not usable in a production enviroment.
Therefore I will conclude you ned a comersially certificate, if using
freeradius in af production enviroment. It would be nice if that was
there somewhere in the documentation, so you know that before you start.
Then a quistion: Will freeradius work with letsencrypt certificate, has
Please correct me if my conclution is wrong.
Med venlig hilsen / Yours Sincerly
More information about the Freeradius-Users