Text only | Text with Images

OPNsense Forum

Archive => 19.1 Legacy Series => Topic started by: alh on March 14, 2019, 12:12:15 AM

Title: [SOLVED] PlugIn FreeRADIUS: wrong certifcates are generated
Post by: alh on March 14, 2019, 12:12:15 AM
We have the following setup:

- root ca
- intermediate ca for services
- intermediate ca for users

If we configure EAP-TTLS in the FreeRADIUS plugin we link the radius server cert (issued by intermediate ca for services) and the root ca which is supposed to validate trusted users (intermediate ca for users).

However, the plugin always puts the server cert chain in the file ca_opn instead of the linked ca file. Probably a bug in the script.
Title: Re: PlugIn FreeRADIUS: wrong certifcates are generated
Post by: mimugmail on March 14, 2019, 05:51:16 AM
I have to reproduce, never tried with with intermediate CA
Title: Re: PlugIn FreeRADIUS: wrong certifcates are generated
Post by: alh on March 20, 2019, 01:51:18 PM
I made a PR regarding this. Please check on Github
Title: Re: PlugIn FreeRADIUS: wrong certifcates are generated
Post by: mimugmail on March 20, 2019, 06:47:34 PM
Ah, yep, forgot it. Will do tomorrow
Text only | Text with Images