Hello Eric,
i use to test my certificate chain here (paste the cert + the intermediate):
https://tools.keycdn.com/ssl
Just verify if from the cert to the CA the chain is valid then add the
private key at the end.
Regards
Fabrice
Le 19-08-22 à 14 h 32, Eric Rolleman via PacketFence-users a écrit :
I checked out a packetfence system setup by Inverse at my other job
and noticed that the certificate has some info above the "-----BEGIN
CERTIFICATE-----" line:
"
Bag Attributes
localKeyID: <key>
friendlyName: Wildcard
<oid_of_some_kind>: <bunch_of_hex_values>
<oid_of_some_kind>: <bunch_of_hex_values>
<oid_of_some_kind>: <bunch_of_hex_values>
subject=/CN=<cert_subject>
issuer=<cert_issuer_dn>
"
The certificate file from Lets Encrypt doesn't have this. Is that the
problem?
------------------------------------------------------------------------
*From:* Eric Rolleman via PacketFence-users
<[email protected]>
*Sent:* Wednesday, August 21, 2019 10:09 PM
*To:* [email protected]
<[email protected]>
*Cc:* Eric Rolleman <[email protected]>
*Subject:* [PacketFence-users] Creating server.pem for captive portal
I acquired a lets encrypt certificate manually (can't port forward
HTTP fro= the internet to my packetfence server). I replaced the
server.crt, server=key and intermediate.crt files. The admin interface
is working with a vali= cert.
I set up the server.pem file with the following commands:
cat privkey.pem > server.pem
cat cert.pem >> server.pem
cat chain.pem >> server.pem
( also tried fullchain.pem instead of the chain.pem as well)
I replaced the server.pem file in the /usr/local/pf/conf/ssl folder
and res=arted the service, but the certificate reports as invalid when
I connect t= the captive portal.
What is the order that I need of keys and certificates in the .pem file?
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
