[RADIATOR] GeoTrust intermediate CA Certs and Radiator
John Goubeaux
goubeaux at education.ucsb.edu
Sun Aug 14 14:37:16 CDT 2011
Thanks,
I ended up putting the signed CERT and the two Intermediate certs (eg
all 3 components) in the *EAPTLS_CertificateChainFile
*instead. This seems to be working OK as well.
-john
On 8/14/2011 10:36 AM, Heikki Vatiainen wrote:
> On 08/12/2011 12:07 AM, John Goubeaux wrote:
>
> Hello John,
>
>> Can I assume that the proper placement of GeoTrust Intermediate CA
>> Certificates will be the same as the solution mentioned in an earlier
>> thread regarding Thawte Intermediate certs ? eg place them in the file
>> called by the "//EAPTLS_CAFile//" directive ? Where bundle below is
>> referring to the Intermediate certs provided by thawte.
> Yes for the all questions above.
>
> A common configuration is to put all the CA certs in the EAPTLS_CAFile.
> The Radiator's certificate goes into EAPTLS_CertificateFile and the
> private key goes into EAPTLS_PrivateKeyFile. If the private key is
> password protected, EAPTLS_PrivateKeyPassword has the password.
>
> Thanks!
> Heikki
>
>> Thanks! -john
>>
>> from :
>> http://www.open.com.au/pipermail/radiator/2011-February/017094.html
>>
>>> /The path "/path/to/certs" can be anything. Some people use
>> />//etc/radiator, /etc/radius or /etc/radiator/certs. In many cases it is
>> />/the same directory where Radiator configuration lies.
>> />/
>> />/You mention "Radiator SSL cert from Thawte". This is what goes into
>> />/EAPTLS_CertificateFile and the cert's private key goes to
>> />/EAPTLS_PrivateKeyFile. The bundle goes into EAPTLS_CAFile.
>> />/
>> />/This should enable Radiator to send the clients its own cert and all
>> />/required CA certificates. The bundle can also contain the root CA, but
>> />/the intermediates should be enough.
>> />/
>> />/Best regards,
>> />/Heikki
>> /
>>
>>
>>
>>
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>
--
John Goubeaux
Systems Administrator
Gevirtz Graduate School of Education
UC Santa Barbara
Education 4203C
805 893-8190
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20110814/ceeadc27/attachment.html
More information about the radiator
mailing list