반응형
CENT-SRV
vim /etc/ssl/openssl.cnf
#vim /usr/lib/ssl/misc/CA.pl
#/usr/lib/ssl/misc/CA.pl –newca
※CN=CA
※Password = korea2021##
#cp /etc/ssl/CA/cacert.pem /usr/local/share/ca-certificates/ca.crt
#update-ca-certificates
#cd /etc/ssl
#openssl req -new -out srv.req -newkey rsa:2048 -keyout srv.key
※개인키 값은 korea2021##, CN=srv
#openssl ca -in srv.req -out srv.crt
#chmod 777 srv.*
#cp /etc/ssl/CA/cacert.pem /etc/ssl
#chmod 755 cacert.pem
※777로 줘버리면 보안정책 때문에 freeradius재시작이 안됨
#apt –y install freeradius
#vim /etc/freeradius/3.0/modes-enabled/eap
#vim /etc/freeradius/3.0/users
#vim /etc/freeradius/3.0/clients.conf
반응형
