[RADIATOR] TLS_CertificateChainFile within ServerRADSEC not working?

Heikki Vatiainen hvn at open.com.au
Thu Apr 16 05:44:45 CDT 2015


On 16.4.2015 13.33, Jan Tomasek wrote:

> TLS_CAFile is for set of trusted CA. It works for me too. I need
> TLS_CertificateChainFile which is used for sending intermediate CA
> certificates to client and this causes troubles.

EAPTLS_CertificateChainFile at least has required the following order:
- server's own certificate - the first certificate in the file
- CA certificates - the order did not matter.

I'd guess it would be the same for RadSec TLS_CertificateChainFile too.

Thanks,
Heikki

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, 
NetWare etc.


More information about the radiator mailing list