2007/10/2, Sergio Belkin <[EMAIL PROTECTED]>: > 2007/10/2, Ivan Kalik <[EMAIL PROTECTED]>: > > > > > > OK. Had some time to look at your certificates. You have created a server > > certificate but not the (signed) root one. Instead you used and exported > > cacert. Also your server cert and private keys are separate while in your > > tls config you configured them as a same file. Have a look at CA.all script > > that comes with the freeradius distribution (or better use it) to see how it > > should be done. It places the key in the same file as the certificate. > > > > Ivan Kalik > > Kalik Informatika ISP > > - > > List info/subscribe/unsubscribe? See > > http://www.freeradius.org/list/users.html > > > > > Hi Ivan thanks for your time. I've deleted those files and recreated > with certs.sh and CA.all. > Now I have signed certificates in der, p12 and pem formats. What of > these ones should I use in eap.conf. > I don't understand something, root one is not "cacert.*" ? > -- > -- > Sergio Belkin - >
And I don't know why but I only get client and server certificates but not root certificate using CA.all -- -- Sergio Belkin - - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
