On 08/12/2011 12:07 AM, John Goubeaux wrote: Hello John,
> Can I assume that the proper placement of GeoTrust Intermediate CA > Certificates will be the same as the solution mentioned in an earlier > thread regarding Thawte Intermediate certs ? eg place them in the file > called by the "//EAPTLS_CAFile//" directive ? Where bundle below is > referring to the Intermediate certs provided by thawte. Yes for the all questions above. A common configuration is to put all the CA certs in the EAPTLS_CAFile. The Radiator's certificate goes into EAPTLS_CertificateFile and the private key goes into EAPTLS_PrivateKeyFile. If the private key is password protected, EAPTLS_PrivateKeyPassword has the password. Thanks! Heikki > Thanks! -john > > from : > http://www.open.com.au/pipermail/radiator/2011-February/017094.html > >> /The path "/path/to/certs" can be anything. Some people use > />//etc/radiator, /etc/radius or /etc/radiator/certs. In many cases it is > />/the same directory where Radiator configuration lies. > />/ > />/You mention "Radiator SSL cert from Thawte". This is what goes into > />/EAPTLS_CertificateFile and the cert's private key goes to > />/EAPTLS_PrivateKeyFile. The bundle goes into EAPTLS_CAFile. > />/ > />/This should enable Radiator to send the clients its own cert and all > />/required CA certificates. The bundle can also contain the root CA, but > />/the intermediates should be enough. > />/ > />/Best regards, > />/Heikki > / > > > > > _______________________________________________ > radiator mailing list > [email protected] > http://www.open.com.au/mailman/listinfo/radiator -- Heikki Vatiainen <[email protected]> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
