Hello list. I am sorry about my poor english skills but hope i could be understood anyway. I use freeradius 1.1-7 on fedora 8 (installed with yum command). right now, my users in the "/etc/raddb/users" file are able to authenticate without no problem. i intend to use eap-tls and eap-peap to authenticate my users. to do so, i read this tutorial: http://www.wi-fiplanet.com/tutorials/article.php/3557251 (two sheets) which is very helpfull. but on the second part of the tuto, i encounter a problem with the extensions part: - it is said to create a file named "extensions" (my case /etc/pki/tls/extensions) and to copy that lines into: [ xpclient_ext] extendedKeyUsage = 1.3.6.1.5.5.7.3.2 [ xpserver_ext ] extendedKeyUsage = 1.3.6.1.5.5.7.3.1 and then to modify my previous certificate like that: # openssl ca -out master_cert.pem -extensions xpserver -infiles ./masterreq.pem # openssl ca -out client_cert.pem -extensions xpserver -infiles ./clientreq.pem when i do this, the system give me an error message: [EMAIL PROTECTED] ensiasCA]# pwd /etc/pki/CA/ensiasCA [EMAIL PROTECTED] ensiasCA]# openssl ca -out certs/ensias_cert.pem -extensions xpserver_ext -infiles certs/radiusserverreq.pem Using configuration from /etc/pki/tls/openssl.cnf Enter pass phrase for /etc/pki/CA/ensiasCA/private/cakey.pem: Error Loading extension section xpserver_ext 4230:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=CA_default name=email_in_dn [EMAIL PROTECTED] ensiasCA]#
i suppose i have problem creating extensions.... there's a long time i try to fix it (and some many before), and right now, i come and ask your help to fix it. thanx for helping MBA OYONE Joël Lot. El Firdaous Bât GH20, Porte A 204, Appt 8 20000 Oulfa Casablanca - Maroc Tél. : +212 69 25 85 70 __________________________________________________ Do You Yahoo!? En finir avec le spam? Yahoo! Mail vous offre la meilleure protection possible contre les messages non sollicités http://mail.yahoo.fr Yahoo! Mail
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html