diff -Naur freeradius-server-2.1.0/raddb/eap.conf freeradius-server-2.1.0.oden/raddb/eap.conf --- freeradius-server-2.1.0/raddb/eap.conf 2008-09-05 13:20:58.000000000 +0200 +++ freeradius-server-2.1.0.oden/raddb/eap.conf 2008-09-05 14:44:17.000000000 +0200 @@ -148,11 +148,11 @@ # # These is used to simplify later configurations. # - certdir = ${confdir}/certs - cadir = ${confdir}/certs + system_ssldir = /etc/pki/tls + local_ssldir = ${confdir}/certs - private_key_password = whatever - private_key_file = ${certdir}/server.pem + private_key_password = + private_key_file = ${system_ssldir}/private/radiusd.pem # If Private key & Certificate are located in # the same file, then private_key_file & @@ -164,7 +164,7 @@ # only the server certificate, but ALSO all # of the CA certificates used to sign the # server certificate. - certificate_file = ${certdir}/server.pem + certificate_file = ${system_ssldir}/certs/radiusd.pem # Trusted Root CA list # @@ -181,7 +181,7 @@ # not use client certificates, and you do not want # to permit EAP-TLS authentication, then delete # this configuration item. - CA_file = ${cadir}/ca.pem + CA_file = ${system_ssldir}/certs/ca-bundle.crt # # For DH cipher suites to work, you have to @@ -189,8 +189,8 @@ # # openssl dhparam -out certs/dh 1024 # - dh_file = ${certdir}/dh - random_file = ${certdir}/random + dh_file = ${local_ssldir}/dh + random_file = ${local_ssldir}/random # # This can never exceed the size of a RADIUS @@ -251,15 +251,6 @@ cipher_list = "DEFAULT" # - - # This configuration entry should be deleted - # once the server is running in a normal - # configuration. It is here ONLY to make - # initial deployments easier. - # - make_cert_command = "${certdir}/bootstrap" - - # # Session resumption / fast reauthentication # cache. # diff -Naur freeradius-server-2.1.0/raddb/radiusd.conf.in freeradius-server-2.1.0.oden/raddb/radiusd.conf.in --- freeradius-server-2.1.0/raddb/radiusd.conf.in 2008-09-05 13:20:58.000000000 +0200 +++ freeradius-server-2.1.0.oden/raddb/radiusd.conf.in 2008-09-05 14:43:20.000000000 +0200 @@ -640,7 +640,7 @@ # Include another file that has the SQL-related configuration. # This is another file only because it tends to be big. # - $INCLUDE sql.conf + #$INCLUDE sql.conf # # This module is an SQL enabled version of the counter module. @@ -652,7 +652,7 @@ # totally dependent on the SQL module to process Accounting # packets. # - $INCLUDE sql/mysql/counter.conf + #$INCLUDE sql/mysql/counter.conf #$INCLUDE sql/postgresql/counter.conf #