On Thu, 2004-04-15 at 17:48, Bob McCormick wrote: > Is it easy convert? I did a google search to find out about > converting IIS certificates to Apache and all the results I got back > made it sound like rocket science.
Basically, when you get your certificate from Verisign, it will likely be in DER format and named somecertificate.cer. To change it, you need to do the following: openssl x509 -in somecertificate.cer -inform DER -out somecertificate.pem > Anyway, what's special about the cert is that Winblows XP clients > require it to have a special extended key usage attribute. The > scripts in the Freeradius source distribution that generate a self > signed cert include the attribute during the signing phase. OK, I see what you're saying. There's nothing really "special" about the certificate. Yes, you have to have the extended usage stuff, but the cert you get from Verisign will already have that in there. When you do the conversion, the extended usage attributes will carry over. It's not really rocket science. Really. :) -- --Mike ----------------------------------- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html