On 06/04/2010 05:42 AM, Paolo Barbato wrote:
Looking at the mailing list it's seems not possibile configure freeradius to use a CA chains certificate, instead of a single CA root.
Why do you believe that? Use the certificate_file config item in eap.conf. The certificates must be in PEM format and must be sorted starting with the subject’s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. -- John Dennis <[email protected]> Looking to carve out IT costs? www.redhat.com/carveoutcosts/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
