Bluehost.com Web Hosting $6.95

SSL Certificate problems

This is a discussion on SSL Certificate problems within the FreeRADIUS Users forums, part of the Networking and Network Related category; Hi all. I've been following the instructions on various sites on how to setup freeradius. The problem that I ...


Go Back   Usenet Forums > Networking and Network Related > FreeRADIUS Users

Reload this Page SSL Certificate problems

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 05-13-2005
Pico Geyer
 
Posts: n/a
Default SSL Certificate problems
Hi all.

I've been following the instructions on various sites on how to setup
freeradius. The problem that I run into is that my system seems to have
a different SSL setup that the one assumed.
I'm running Centos 4.0 and using openssl-0.9.7a-43.1
SSL is installed in /usr/share/ssl. It is the CA.all script that is
giving my problems. I've changed the SSL variable in CA.all to point to
/usr/share/ssl. The next problem that I've encountered is that the CA.pl
script does not exist on my system. It is supposed to be located under
/usr/share/ssl/misc/ but it's not there. But under that same directory
is a script called CA (without any extension). This looks like the same
CA.pl that is needed so I made a symbolic link called CA.pl to it.=20

The script can now run but I'm still getting errors. The problem is that
the CA script does not create its files in the correct location.

Here is the part of the CA script that I'm concerned about:
[snip]
-newca) =20
# if explicitly asked for or it doesn't exist then setup the
directory
# structure that Eric likes to manage things=20
NEW=3D"1"
if [ "$NEW" -o ! -f ${CATOP}/serial ]; then
# create the directory hierarchy
mkdir ${CATOP}=20
mkdir ${CATOP}/certs=20
mkdir ${CATOP}/crl=20
mkdir ${CATOP}/newcerts
mkdir ${CATOP}/private
echo "01" > ${CATOP}/serial
touch ${CATOP}/index.txt
fi
if [ ! -f ${CATOP}/private/$CAKEY ]; then
echo "CA certificate filename (or enter to create)"
read FILE

# ask user for existing CA certificate
if [ "$FILE" ]; then
cp $FILE ${CATOP}/private/$CAKEY
RET=3D$?
else
echo "Making CA certificate ..."
$REQ -new -x509 -keyout ${CATOP}/private/$CAKEY \
-out ${CATOP}/$CACERT $DAYS
RET=3D$?
fi
fi
;;
[snip]

Notice that if a file name is provided the script does not create the
certificate which is required for the rest of the CA.all script. Do I
have a different script to CA.pl?=20

Sorry about the long (and confusing) post. If someone could please tell
me if this piece of code looks the same as the code in your CA.pl
script. Also any suggestions on what I'm doing wrong will be greatly
appreciated.

Thanks in advance.
Pico.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On




All times are GMT +1. The time now is 06:30 PM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0