you were so right... and I am so blind...
Artur Hecker wrote:
hi
Thanks to the EAP/TLS Howto, I was able to setup the radius server and get all the authentification I needed going.
Now the script, which creates the root certificate, generates root.pem with a lifetime of 30 days.
After that authentification doesn't work, OK. Last month I recreated everything. That's a pain...
> > - How can I extend them? Reuse them? What's the deal?
no reuse. you have to set another expriration date. take a look at the scripts.
Just changed the openssl req call in my CA.root script into:
---snipsnip---
openssl req -new -x509 -keyout newreq.pem -out newreq.pem -passin pass:xxx -passout pass:xxx-days 3650
---snipsnip---
Seems to work now.
Thanks for your help!
Tom
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
