not logged in | [Login]

Certificates

Configuration

In Version 2.0 and later, the certificates are stored in the directory raddb/certs. The relevant files in that directory are

README
Simple HOWTO on certificate creation and EAP performance
Makefile
File containing rules to build certificates from the input configuration files.
ca.cnf
Configuration for sample certificate authority.
server.cnf
Configuration for sample server certificate.
client.cnf
Configuration for sample client certificate. (Only needed for EAP-TLS.)
xpextensions
File hold magic OID's needed by Microsoft EAP clients.

Generation

Certificates may be created via a simple process:

 cd raddb/certs
 make

Then, start the server:

 radiusd -X

You should edit the certificate configuration files (see above) to meet your needs. Then, do

 cd raddb/certs
 make

And the new certificates will be generated. There is no need to run any special OpenSSL commands.

If you have generated certificates via some other process, simply put them in the raddb/certs directory, and edit the raddb/eap.conf file to point to your local certificates.