query on files under /etc/raddb/certs

Alan DeKok aland at deployingradius.com
Fri Nov 13 01:11:52 CET 2020


On Nov 12, 2020, at 5:00 PM, SIMON BABY <simonkbaby at gmail.com> wrote:
> 
> When I read the file README it says below content:

  Yes, please post that to the list.  Because we haven't seen it before.

> So  can someone  create a false certificate and key and create a session ?

  I think you didn't read my previous message.

  If someone breaks into your system, then having them read these certificate files is the LEAST of your worries.  Stop worrying about useless things.

  If you want to know how the server uses these files, read the documentation and then default configuration files.

> If we delete all these scripts also it is not possible to create any
> certificate and we get complete control of where it gets the
> certificates and keys ?

  Yes, because the scripts aren't available anywhere else on the Internet.

  Oh, wait...

  A secure system is *not* created by worrying about random things.  A secure system is created by *understanding* things.

  Right now, you're asking very detailed questions, and not paying attention to the bigger picture.  This is entirely the wrong approach.

  Your questions are irrelevant because they're based on a false understanding of how things work.

  Alan DeKok.




More information about the Freeradius-Users mailing list