How create CA certificate for a linux based freeradius server?
thiagomartins at itaueira.com
Thu Jun 30 16:40:30 UTC 2022
I followed all instructions and now I'm able to generate certificates.
Thank you all.
I'm not very pleased about it so we're are trying to create a simple
android app to manage the connection parameters using the following
It was a suggestion in this article:
Thank you again!
Em qua., 29 de jun. de 2022 às 12:05, Olivier <oza.4h07 at gmail.com> escreveu:
> I think adding a CA certificate to a Freeradius instance to please
> Android 11 is not an easy task !
> Saying this, I don't blame Freeradius at all for this (far from it, as
> Freeradius includes a quite exhaustive doc (see raddb/certs/README.md)
> and integrate various tools (make, bootstrap, ...)) but as I recently
> discovered, issues can also come from either Android device or from
> the device config/usage.
> When there is an issue, it's not easy to spot where it comes from and
> what to change (the device software, its config or your Freeradius
> The ideal situation would be to have a working reference for all
> involved elements (Android device (soft+config), Wifi AP, Freeradius
> (software+config), CA Cert) and then only change one element at a
> time in this working reference until this it matches your target
> If you ever meet success adding a LetsEncrypt cert, I would be very
> curious to know some of your config details.
> I wish you the best luck in your testings.
> Le mer. 29 juin 2022 à 15:29, Alan DeKok <aland at deployingradius.com> a écrit :
> > On Jun 29, 2022, at 9:21 AM, Thiago Martins via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> > > One of my users has an Android 11 smartphone and it no longer let you
> > > insecurely connect to enterprise WiFi networks. In the option "CA
> > > certificate" There is no "Do not validate" option. So I'm looking for
> > > a solution. How can I create a certificate for this user? My
> > > Freeradius server is running on linux.
> > Read raddb/certs/README.md
> > Or, get a "letsencrypt" certificate, and use that.
> > Alan DeKok.
> > -
> > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Esta mensagem é endereçada exclusivamente ao seu destinatário e poderá
conter informações confidenciais.
O uso não autorizado de tais informações
é proibido e estará sujeito às penalidades cabíveis.
*This message is
intended exclusively for its addressee and may contain information that is
*Unauthorized use of such information is prohibited and
subject to applicable penalties.*
More information about the Freeradius-Users