re2o/re2o-radius
5
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update README.md

Browse source
This commit is contained in:
chapeau 2022-01-30 09:54:42 +00:00
parent a19a174f19
commit 85269e821e
1 changed files with 16 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

17
README.md
View file

@ -11,7 +11,22 @@ chmod a+x install-buster.sh
sudo ./install-buster.sh
```
Le script demande de modifier les fichiers `clients.conf` et `config.ini`.
Le script demande de modifier les fichiers `clients.conf`, `config.ini` et `sites-enabled/default`.
Afin d'utiliser des certificats lets encrypt, en supposant vos certificats déjà générés dans `/etc/letsencrypt/live/radius.example.org` :
```
openssl dhparam -out /etc/ssl/private/dh4096.pem -2 4096
cd /etc/freeradius/3.0/certs
ln -s /etc/letsencrypt/live/radius.example.org/privkey.pem server.key
ln -s /etc/letsencrypt/live/radius.example.org/fullchain.pem fullchain.pem
ln -s /etc/letsencrypt/live/radius.example.org/cert.pem cert.pem
ln -s /etc/ssl/private/dh4096.pem dh
chgrp freerad /etc/letsencrypt/{live,archive}
chmod g+rx /etc/letsencrypt/{live,archive}
```
Puis changer toutes les occurrences de `tls = tls-common` par `tls = tls-LEcert` dans le fichier `/etc/freeradius/3.0/mods-enabled/eap`.
## Sur re2o