12: Security Settings
SSL Utilities
Several utilities exist to convert between the formats.
OpenSSL
Open source set of SSL related command line utilities. It can act as server or client. It can generate or sign certificate requests. It can convert all kinds of formats. Executables are available for Linux and Windows. To generate a
openssl req
Note: Signing other certificate requests is also possible with OpenSSL. See www.openssl.org or www.madboa.com/geek/openssl for more information.
Steel Belted RADIUS
Commercial RADIUS server by Juniper Networks that provides a GUI administration interface. It also provides a certificate request and
openssl pkcs12
The sbr_certkey.pem file contains both certificate and key. If loading the SBR certificate into EDS as an authority, you will need to edit it.
1.Open the file in any plain text editor.
2.Delete all info before the following:
3.Delete all info after the following:
4.Save as sbr_cert.pem. SBR accepts
5.Again, OpenSSL can convert any format into DER by using the following commands in the order shown:
openssl x509
Note: With SBR, when the identity information includes special characters such as dashes and periods, SBR changes the format it uses to store these strings and becomes incompatible with the current EDS release. We will add support for this and other formats in future releases. Free
Free RADIUS
Free RADIUS is a Linux
EDS User Guide | 105 |
