hi
you need exactly the following:
> cert-clt.p12
> cert-srv.pem
> root.pem
and no private key should be in root.pem (though it doesn't matter now)
> Radiusd.conf
>
> CA_file = ${confdir}/eap-test/root.pem
this should point to root.pem from above and the root.pem should contain
public key (the cert.) of the CA used. you DO not need the ca's private
key for ANY authentication, only for certificate issuing and signing.
the private key of a (real) CA has nothing to do with freeradius and is
usually THE information to keep in mountain banks in switzerland.
ciao
artur
--
Artur Hecker
artur[at]hecker.info
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
