[RADIATOR] openssl certificate problems
Corey Gray
corey at tsa.com.au
Thu Feb 4 16:03:06 CST 2010
<http://caab.net>
Hi everyone.
I almost have radius working.... Almost, it seems that I need a CA to get it to authenticate via EAP even to itself. Can I generate this through openssl? I haven't got EAPTLS_CAPath or EAPTLS_CAFile set yet. I know these are required. Just wonderinf if I need a signed SSL certificate from my windows domain or one from I can generate from openssl.
Foreground
LogStdout
BindAddress 192.168.201.165
LogDir /var/log/radius
DbDir /etc/radiator
# Use a low trace level in production systems. Increase
# it to 4 or 5 for debugging, or use the -trace flag to radiusd
Trace 4
# You will probably want to add other Clients to suit your site,
# one for each NAS you want to work with
<Client DEFAULT>
Secret *****************
DupInterval 0
</Client>
<Realm DEFAULT>
<AuthBy FILE>
Filename %D/users
EAPType PEAP
#EAPTLS_CAPath /root/openssl-0.9.8l/apps/
#EAPTLS_CAFile
</AuthBy>
# Log accounting to a detail file
AcctLogFileName %L/detail
#<AuthBy KRB5>
# KrbRealm = TSA
# </AuthBy>
#</Realm>
ERR: TLS could not load_verify_locations , : 5627: 1 - error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library
Any help is greatly appreciated
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20100204/5594bdd8/attachment.html
More information about the radiator
mailing list