Hello! In order to put in a production environment the PF server, we generated a new certificate for the radius service. This certificate has been generated using the MS certification authority coming with the domain controllers to have the CA already trusted on all the domain computers. I generated the CSR using the PF gui, submitted the certificate to our internal certification authority and retrieved the signed certificate and the CA certificate (all base64).
When i tried to load the generated certificates (System Configuration -> SSL Certificates -> RADIUS -> Edit Radius Certificate) I obtained that the certification chain is invalid, because the intermediate CA certificates cannot be loaded. I do not undestand, there are no intermediate CA's, the certification path is only CA -> Server certificate. Did anyone managed to load certificates from Domain Controller CA? If I use the internal PKI i do not have any problem but a GPO should be prepared in order to diffuse and trust the PKI certificate. Thanks Mirko
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
