- 论坛徽章:
- 0
|
EAP-TLS on FreeRadius 中文版(更新了下载地址.)
我这两天正在做EAP-TLS,想建个linux下的radius服务器。windows下的已经成功了。
我现在的问题是这样:
按照PDF文件里的做法,SSL和freeradius都安装了,没有问题。但是创建了CA.root、CA.svr、CA.clt三个文件后,运行./CA.root生成root证书时,系统说我“权限不够”?我于是用“BASH CA.root”运行,系统在运行到“echo "newreq.pem" | CA.pl -newca >;/dev/null”时,始终说"unknown option -next_serial"
这样一来就无法生成证书文件,也就无法进行下面的操作了,请问我该如何解决这个问题?谢谢
我装的RH 9.0
下面是运行CA.root的输出:
[root@localhost ssl]#bash CA.root
*********************************************************************************
Creating self-signed private key and certificate
When prompted override the default value for the Common Name field
*********************************************************************************
Generating a 1024 bit RSA private key
...............++++++
.........++++++
writing new private key to 'newreq.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:cn
State or Province Name (full name) [Some-State]:js
Locality Name (eg, city) []:sz
Organization Name (eg, company) [Internet Widgits Pty Ltd]:gnt
Organizational Unit Name (eg, section) []:rd
Common Name (eg, YOUR name) []:test
Email Address []:test@12.com
*********************************************************************************
Creating a new CA hierarchy (used later by the ca command) with the certificate
and private key created in the last step
*********************************************************************************
unknown option -next_serial
usage: x509 args
-inform arg - input format - default PEM (one of DER, NET or PEM)
-outform arg - output format - default PEM (one of DER, NET or PEM)
-keyform arg - private key format - default PEM
-CAform arg - CA format - default PEM
-CAkeyform arg - CA key format - default PEM
-in arg - input file - default stdin
-out arg - output file - default stdout
-passin arg - private key password source
-serial - print serial number value
-hash - print hash value
-subject - print subject DN
-issuer - print issuer DN
-email - print email address(es)
-startdate - notBefore field
-enddate - notAfter field
-purpose - print out certificate purposes
-dates - both Before and After dates
-modulus - print the RSA key modulus
-pubkey - output the public key
-fingerprint - print the certificate fingerprint
-alias - output certificate alias
-noout - no certificate output
-ocspid - print OCSP hash values for the subject name and public key
-trustout - output a "trusted" certificate
-clrtrust - clear all trusted purposes
-clrreject - clear all rejected purposes
-addtrust arg - trust certificate for a given purpose
-addreject arg - reject certificate for a given purpose
-setalias arg - set certificate alias
-days arg - How long till expiry of a signed certificate - def 30 days
-checkend arg - check whether the cert expires in the next arg seconds
exit 1 if so, 0 if not
-signkey arg - self sign cert with arg
-x509toreq - output a certification request object
-req - input is a certificate request, sign and output.
-CA arg - set the CA certificate, must be PEM format.
-CAkey arg - set the CA key, must be PEM format
missing, it is assumed to be in the CA file.
-CAcreateserial - create serial number file if it does not exist
-CAserial arg - serial file
-set_serial - serial number to use
-text - print the certificate in text form
-C - print out C code forms
-md2/-md5/-sha1/-mdc2 - digest to use
-extfile - configuration file with X509V3 extensions to add
-extensions - section from config file with X509V3 extensions to add
-clrext - delete extensions before signing and input certificate
-nameopt arg - various certificate name options
-engine e - use engine e, possibly a hardware device.
-certopt arg - various certificate text options
*********************************************************************************
Creating ROOT CA
CA.root: line 27: unexpected EOF while looking for matching `"'
CA.root: line 35: syntax error: unexpected end of file
|
|