[RADIATOR] GeoTrust intermediate CA Certs and Radiator
Heikki Vatiainen
hvn at open.com.au
Sun Aug 14 12:36:16 CDT 2011
On 08/12/2011 12:07 AM, John Goubeaux wrote:
Hello John,
> Can I assume that the proper placement of GeoTrust Intermediate CA
> Certificates will be the same as the solution mentioned in an earlier
> thread regarding Thawte Intermediate certs ? eg place them in the file
> called by the "//EAPTLS_CAFile//" directive ? Where bundle below is
> referring to the Intermediate certs provided by thawte.
Yes for the all questions above.
A common configuration is to put all the CA certs in the EAPTLS_CAFile.
The Radiator's certificate goes into EAPTLS_CertificateFile and the
private key goes into EAPTLS_PrivateKeyFile. If the private key is
password protected, EAPTLS_PrivateKeyPassword has the password.
Thanks!
Heikki
> Thanks! -john
>
> from :
> http://www.open.com.au/pipermail/radiator/2011-February/017094.html
>
>> /The path "/path/to/certs" can be anything. Some people use
> />//etc/radiator, /etc/radius or /etc/radiator/certs. In many cases it is
> />/the same directory where Radiator configuration lies.
> />/
> />/You mention "Radiator SSL cert from Thawte". This is what goes into
> />/EAPTLS_CertificateFile and the cert's private key goes to
> />/EAPTLS_PrivateKeyFile. The bundle goes into EAPTLS_CAFile.
> />/
> />/This should enable Radiator to send the clients its own cert and all
> />/required CA certificates. The bundle can also contain the root CA, but
> />/the intermediates should be enough.
> />/
> />/Best regards,
> />/Heikki
> /
>
>
>
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list