Messages

1

23.1 Legacy Series / Re: Freeradius - How to renew default server certificate?

« on: February 26, 2023, 04:13:44 am »

Update:

Solved by first editing all the necessary .cnf files in the /usr/local/etc/raddb/certs directory (I use WinSCP), stop the freeradius from the web GUI, moved all the all old certs to a backup folder, and then execute the command ./bootstrap

Restarted the Freeradius server and watch the log to see any error. None so far!

Thanks

2

23.1 Legacy Series / Re: Freeradius - How to renew default server certificate?

« on: February 24, 2023, 01:55:49 pm »

Thanks Bart, will try it out later.

Not using GPO as this is just a small test env and it have multiple OS clients. So, all manual.

3

23.1 Legacy Series / Re: Freeradius - How to renew default server certificate?

« on: February 24, 2023, 12:24:45 pm »

Hi, thanks for the reply.

I'm not using the Opnsense cert manager and only use the supplied default cert from freeradius pkg.

4

23.1 Legacy Series / [SOLVED] Freeradius - How to renew default server certificate?

« on: February 24, 2023, 10:50:20 am »

Hi,

I'm doing this on single appliance test environment. How can I renew the default server certificate? Suddenly Windows clients won't connect and the logs were showing expired server certificate errors. Mobile phones still working fine.

Auth: (5) Login incorrect (eap_peap: (TLS) Alert read:fatal:certificate expired): [admin] (from client APs port 69 cli 30-24-32-46-C6-FC)   

Thanks!

Edit: Found this tutorial for Linux:
https://agix.com.au/freeradius-certificate-has-expired-solution/

How do I do this in Opnsense?