*Empty MediaWiki Message*

2015-05-20 15:18:18 +00:00 · 2015-05-20 15:18:18 +00:00 · 7ff1c63dc7
commit 7ff1c63dc7
parent 503bfb7c88
1 changed files with 24 additions and 0 deletions
--- a/WLAN%2FopenRADIUS.mw
+++ b/WLAN%2FopenRADIUS.mw
@ -32,3 +32,27 @@ https://github.com/plitc/lxc-to-go
 TEMPLATE: org.openwrt.freeradius.anonymous-eap-ttls

 https://github.com/plitc/lxc-to-go/blob/master/hooks/templates/org.openwrt.freeradius.anonymous-eap-ttls
+
+= RootCA für RADIUS erstellen =
+
+<source lang=bash>
+ssh root@172.22.99.15
+lxc-to-go login (anybert)
+
+cd /etc/freeradius/certs
+mv ca.pem ca.pem_ORI
+mv server.key server.key_ORI
+mv server.pem server.pem_ORI
+
+openssl genrsa -aes256 -out ca.key 2048
+openssl req -new -x509 -days 3650 -key ca.key -out ca.pem
+openssl genrsa -aes256 -out server.key 2048
+openssl req -new -key server.key -out server.csr
+openssl x509 -req -days 3650 -in server.csr -CA ca.pem -CAkey ca.key -set_serial 01 -out server.pem
+
+vi /etc/freeradius/ eap.conf
+
+   private_key_password = CHANGEME
+
+systemctl restart freeradius; systemctl status freeradius; tail -n 30 /var/log/freeradius/radius.log
+</source>