On 08/27/2015 06:19 PM, Mr. Christopher Bland wrote: > We are currently running Radiator 4.11 on a RedHat Enterprise Linux > v 6.4 server. I have found a couple of notes relating to newer > version Radiator and SHA2 support. Will we be required to upgrade > from Radiator 4.11 in order to support SHA2 certificates?
In general, the need to upgrade depends on the OpenSSL/LibreSSL or whatever the system SSL/TLS library is. Radiator just tells the library to load the certificates so Radiator does not need to process them directly. I just gave Radiator 4.11 on Centos 6.7 a try. Radiator was configured for PEAP with SHA256/RSA 2048 certificates that come with Radiator 4.14 and 4.15. The client was eapol_test. Everything seemed to work fine. I think with RHEL 5 there were problems with encrypted secret keys, but this was related to how the key was encrypted. In fact, there's a change log entry for 4.14 release that describes this better. Look for 'PKCS#8' for more info: http://www.open.com.au/radiator/history.html Since CentOS 6.7 works, there's a good chance that RHEL 6.4 works too. If you download the current Radiator version, you can give 4.11 a try with the test certs that come with 4.15. If you are changing your configuration, you may want to see the change log and consider upgrading to the latest version too. Thanks, Heikki -- Heikki Vatiainen <h...@open.com.au> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
