Jon Franklin <[EMAIL PROTECTED]> wrote: > On a follow-up to this, I found that the certificate I was using > (Thawte Freemail Member) was being validated against a set of root > certs in /usr/share/ssl/certs/ca-bundle.crt (I'm using Fedora Core 3, > btw).
There's probably some global OpenSSL config somewhere.... > So I'm getting much closer to a solution. I don't want to get rid of > all the CA certs in /usr/share/ssl, and only want freeradius to use > the root cert I specify in the CA_file line. > > Can anyone tell me how that's done? Or is it even possible? It should be possible. I don't know how to convince OpenSSL to do that, though. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html