2007/10/2, [EMAIL PROTECTED] <[EMAIL PROTECTED]>: > Freeradius version? In new ones you should have all of them created as > you install the server. > > Ivan Kalik > Kalik Informatika ISP >
I'm using freeradius-1.1.7. If I use certificates that come as demo, the problem is that is valid to 24/01/2006. > Dana 2/10/2007, "Sergio Belkin" <[EMAIL PROTECTED]> piše: > > >2007/10/2, Sergio Belkin <[EMAIL PROTECTED]>: > >> 2007/10/2, Ivan Kalik <[EMAIL PROTECTED]>: > >> > > >> > > >> > OK. Had some time to look at your certificates. You have created a server > >> > certificate but not the (signed) root one. Instead you used and exported > >> > cacert. Also your server cert and private keys are separate while in your > >> > tls config you configured them as a same file. Have a look at CA.all > >> > script > >> > that comes with the freeradius distribution (or better use it) to see > >> > how it > >> > should be done. It places the key in the same file as the certificate. > >> > > >> > Ivan Kalik > >> > Kalik Informatika ISP > >> > - > >> > List info/subscribe/unsubscribe? See > >> > http://www.freeradius.org/list/users.html > >> > > >> > >> > >> Hi Ivan thanks for your time. I've deleted those files and recreated > >> with certs.sh and CA.all. > >> Now I have signed certificates in der, p12 and pem formats. What of > >> these ones should I use in eap.conf. > >> I don't understand something, root one is not "cacert.*" ? > >> -- > >> -- > >> Sergio Belkin - > >> > > > >And I don't know why but I only get client and server certificates but > >not root certificate using CA.all > >-- > >-- > >Sergio Belkin - > >- > >List info/subscribe/unsubscribe? See > >http://www.freeradius.org/list/users.html > > > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > -- -- Sergio Belkin - - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
