Charles Plater wrote: > I've used the bootstrap script to build certs for our radius server > (2.0.5 on FreeBSD) and I've set all of the .cnf files w/ the following: > > default_days = 3650 > default_crl_days = 3650 > > > My problem is that the ca.der file that is created has an expiration > date of 30 days. Can anyone point me in the direction of what I'm doing > wrong?
It's a bug in OpenSSL. The FreeRADIUS files were fixed to work around this in version 2.1.3. You can grab the fixes in raddb/certs/Makefile. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
