Hi,
I'm using freeRadius 1.0.4 and I would like to know something about tls config.
When I launch radius en debug mode I get this messages:
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file = "/etc/raddb/certs/juan/key.key"
tls: certificate_file = "/etc/raddb/certs/juan/cert.cert"
tls: CA_file = "/etc/raddb/certs/demoCA/cacert.pem"
tls: private_key_password = "whatever"
tls: dh_file = "/etc/raddb/certs/dh"
tls: random_file = "/etc/raddb/certs/random"
tls: fragment_size = 1024
tls: include_length = yes
tls: check_crl = yes
tls: check_cert_cn = "%{User-Name}"
but I would like to know how to change some parameters (like
rsa_key_exchange = yes) and, even more important, if the
rsa_key_length is given in Bytes or bits. Does it mean that the
certificate length changes in function of this rsa_key_length?
Thank you, Juan Daniel MORENO
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
