Thanks to the EAP/TLS Howto, I was able to setup the radius server and get all the authentification I needed going.
Now the script, which creates the root certificate, generates root.pem with a lifetime of 30 days.
After that authentification doesn't work, OK. Last month I recreated everything. That's a pain...
> > - How can I extend them? Reuse them? What's the deal?
no reuse. you have to set another expriration date. take a look at the scripts.
I have the second box, with software up and running.
But again, the certificates: - My first attempt - just copying them - didn't work. OK, just a try.
why? what exactly did you copy and what exactly did you certify?
- Second, since the certs are tied to hostname, I recreated them - guess what...
well, you have to look at what you are doing. are you sure that your certificates are tied to the host address? because mine are not. and i doubt that this is verified anyway. the server simply has a pair of keys and both are signed and one of them (the private) is encrypted. the posession of the decryption key enables the usage.
ciao artur
-- Artur Hecker D�partement Informatique et R�seaux, ENST Paris http://www.infres.enst.fr/~hecker
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
