# ANYONE who has a certificate signed by them can
# authenticate via EAP-TLS! This is likely not what you want.
tls {
- #
- # These is used to simplify later configurations.
- #
- certdir = ${confdir}/certs
- cadir = ${confdir}/certs
-
private_key_password = whatever
private_key_file = ${certdir}/server.pem
# Location of config and logfiles.
confdir = ${raddbdir}
+certdir = ${raddbdir}/certs
+cadir = ${raddbdir}/certs
run_dir = ${localstatedir}/run/${name}
# Should likely be ${localstatedir}/lib/radiusd
# idea to use different server certificates for EAP and for RADIUS
# transport.
tls {
- #
- # These is used to simplify later configurations.
- #
- certdir = ${confdir}/certs
- cadir = ${confdir}/certs
-
private_key_password = whatever
private_key_file = ${certdir}/server.pem
status_check = status-server
tls {
- #
- # These is used to simplify later configurations.
- #
- certdir = ${confdir}/certs
- cadir = ${confdir}/certs
-
private_key_password = whatever
private_key_file = ${certdir}/client.pem