We are using the iPlanet (Netscape) Certificate Manager as our corporate CA. I'm trying to set up FreeRadius 0.9.0 compiled against the Stock RedHat 9 openssl RPMs version 0.9.7a for EAP-TLS. To request a WTLS server certificate I ran:
openssl genrsa -out privkey.pem 2048 openssl req -new -key privkey.pem -outform PKCS#10 -out cert.csr and copy/pasted the contents of cert.csr into the PKCS # 10 Request field on the web site request form. what I received back was a text file that began: Base 64 encoded certificate -----BEGIN CERTIFICATE----- AQIBAARBQ049REhMIEdsb2JhbCBDQSxPVT1TeXN0Z.... I also grabbed the CA Certificate Chain also in Base 64 encoded format. How do I put these in a format FreeRadius can use? I assume I have to run the binary output from base64 through openssl to convert it to .pem format, but I'm lost after the base64 part ;) FreeRadius runs fine if I use the sample certificates available on the web. I asked on the openssl-users list with no response. So that's why I'm posting here. Thanks for the help, -Patrick - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
