Re: [RADIATOR] Can't get chain certificates to work

2011-01-11 Thread Heikki Vatiainen
On 01/11/2011 01:58 PM, Rianto Wahyudi wrote: Hello, > I did not choose or select any trusted root certification authorities / > anchor as I originally thought that Windows is smart enough to do it > automatically. It probably could choose it automatically, but I think it will not for security

Re: [RADIATOR] Can't get chain certificates to work

2011-01-11 Thread Rianto Wahyudi
authorities or will it just work automatically if I use well known provider ? Regards, Rianto From: Heikki Vatiainen [...@open.com.au] Sent: Tuesday, 11 January 2011 9:04 PM To: Rianto Wahyudi Cc: radiator@open.com.au Subject: Re: [RADIATOR] Can't get

Re: [RADIATOR] Can't get chain certificates to work

2011-01-11 Thread Heikki Vatiainen
On 01/11/2011 03:35 AM, Rianto Wahyudi wrote: Hello Rianto, > I'm having some difficulties getting the certificate to work correctly. > I followed instructions from > http://www.open.com.au/pipermail/radiator/2010-November/016781.html, > > Windows Clients still get prompted with a warning mess

[RADIATOR] Can't get chain certificates to work

2011-01-10 Thread Rianto Wahyudi
Hi All, I'm having some difficulties getting the certificate to work correctly. I followed instructions from http://www.open.com.au/pipermail/radiator/2010-November/016781.html, Windows Clients still get prompted with a warning message saying that the certificate cannot be trusted: T

Re: [RADIATOR] Can't get chain certificates to work

2010-11-05 Thread Stephen A. Felicetti
Success!!! David, Per your suggestion, I added: EAPTLS_CAPath %D/certificates/cert/ca Andrew, Per your suggestion, I placed the server cert first inline in the chain cert file. So server cert first, then chain cert second. Many thanks, Andrew and David On Nov 4, 2010, at 5:21 PM, David Zych wro

Re: [RADIATOR] Can't get chain certificates to work

2010-11-04 Thread David Zych
On 1:59 PM, Stephen A. Felicetti wrote: > On Nov 4, 2010, at 3:32 PM, David Zych wrote: >> >> I fought with this same issue and eventually discovered that the >> Radiator documentation is misleading: including both an >> EAPTLS_CertificateFile (for the server cert) and an >> EAPTLS_CertificateChain

Re: [RADIATOR] Can't get chain certificates to work

2010-11-04 Thread Stephen A. Felicetti
If I exclude the EAPTLS_CAFile, I get the following error: Thu Nov 4 16:06:42 2010: ERR: TLS could not load_verify_locations , : Thu Nov 4 16:06:42 2010: DEBUG: EAP result: 1, EAP TTLS Could not initialise context Thu Nov 4 16:06:42 2010: DEBUG: AuthBy FILE result: REJECT, EAP TTLS Could not

Re: [RADIATOR] Can't get chain certificates to work

2010-11-04 Thread David Zych
> EAPType TTLS
> EAPTLS_CertificateType PEM
> EAPTLS_CAFile %D/certificates/cert/thawte.Premium.Root.CA.pem
> EAPTLS_CertificateChainFile %D/certificates/cert/thawte.SSL123bundle.pem
> [enabled]
> EAPTLS_CertificateFile %D/certificates/cert/wirelesscert.pem
> EAPTLS_PrivateKeyFile %D/certificates

Re: [RADIATOR] Can't get chain certificates to work

2010-11-04 Thread Stephen A. Felicetti
Thanks for the response. But, I continue to get the "X509_check_private_key:key values mismatch" anytime I use the certificatechain configuration line. I've tried many combinations of certificates in the file, with all the same results. On Nov 4, 2010, at 12:50 PM, Andrew D. Clark wrote: I ha

Re: [RADIATOR] Can't get chain certificates to work

2010-11-04 Thread Andrew D. Clark
I had trouble getting this to work as well. The problem turned out to be the order of certificates in the chain. They usually come, from top to bottom in the file, root CA, signing CA, your cert. It looks like the way Radiator wants it is your cert, followed by the signing CA. Try reversing

[RADIATOR] Can't get chain certificates to work

2010-11-04 Thread Stephen A. Felicetti
Hello, I'm currently running Radiator 4.7 on SUSE Linux with OpenSSL 0.9.8h. I've had this running for years without any problems (albeit different versions). Now that I have to begin using Chain Certificates with my CA, I'm stuck. I know for a fact that my private key and server certifica