Russell Mitchell wrote: >OK, so I'm guessing the ca_cert parameter is used to define the root >certificate of my CA, so I went to cacert.org, >http://www.cacert.org/index.php?id=3 and downloaded a copy of their root >certificate, in PEM format. Next, I created a client certificate on >cacert.org, and saved that in PEM format. > >But, I still don't understand the private_key and private_key_password >parameters are. The private_key parameter expects a PEM format certificate, >and the private_key_password is a plain text password. How do I create these? > > ca_cert was the root ca of your radius server. private_key_password was used to generate your client ca, the client_key.pem was generated for you during this process.
* generate a client ca 1) # openssl req -new -keyout client_key.pem -out client_req.pem -days 360 -config ./openssl.cnf (need input your private_key_password) 2) # openssl ca -config ./openssl.cnf -policy policy_anything -out client_cert.pem \ -infiles ./client_req.pem -- Quaker >/Russ > > >This message posted from opensolaris.org >_______________________________________________ >laptop-discuss mailing list >laptop-discuss at opensolaris.org > >
