FreeRADIUS certificate is going to expiredExpired certificate - how do we avoid the expired certificate...

Get length of the longest sequence of numbers with the same sign

Is divide-by-zero a security vulnerability?

Test pad's ESD protection

At what level can a party fight a mimic?

Where is the fallacy here?

What is better: yes / no radio, or simple checkbox?

Traversing Africa: A Cryptic Journey

What does @RC mean in SSDT SQL Server Unit Testing?

Heating basement floor with water heater

Why are special aircraft used for the carriers in the United States Navy?

What happened to QGIS 2.x LTR?

Giving a talk in my old university, how prominently should I tell students my salary?

How to kill a localhost:8080

Wrap all numerics in JSON with quotes

Sometimes a banana is just a banana

Achieving MPPT of a solar panel with LM2596

What is the difference between a forward slip and a side slip?

If nine coins are tossed, what is the probability that the number of heads is even?

Citing contemporaneous (interlaced?) preprints

What could trigger powerful quakes on icy world?

Levi-Civita symbol: 3D matrix

Is there a full canon version of Tyrion's jackass/honeycomb joke?

When was drinking water recognized as crucial in marathon running?

Detect if page is on experience editor Sitecore 9 via Javascript?



FreeRADIUS certificate is going to expired


Expired certificate - how do we avoid the expired certificate warningExpired licenses - unused computersLDAP expired SSL certificateFreeradius and self signed-certificateFreeradius Server Migrationsquid3 https_port requires --enable-sslFreeradius: Clients.conf and CoAExpired Sub CertificateFreeRADIUS REST expansionFreeRADIUS with Let's Enrypt Certificate (trusted connection without provisioning?)













0















Recently I've created a RADIUS server (Freeradius) that authenticate with Active Directory. I follow this link to create this server:
Now, when I see the "server.cnf" file into /etc/raddb/cert , I just realized that the certification will be expired by next month. So, I am really worried because I don't have have any idea about how can I regenerate a new certificate. Also into the /etc/raddb/cert, there is several file like:



01.pem, ca.cnf,ca.key, client.cnf, index.txt, index.txt.old, random, serial, server.cnf, server.csr server.p12, xpextensions, bootstrap, ca.der, ca.pem, dh, index.txt.attr, Makefile, README, serial.old server.crt, server.key, server.pem



Now, I am a little confused, What exactly should I do to expand the expire date of this certificate?




radius.conf



prefix = /usr

exec_prefix = /usr

sysconfdir = /etc

localstatedir = /var

sbindir = /usr/sbin

logdir = ${localstatedir}/log/radius

raddbdir = ${sysconfdir}/raddb

radacctdir = ${logdir}/radacct

name = radiusd

confdir = ${raddbdir}

run_dir = ${localstatedir}/run/${name}

db_dir = ${raddbdir}

libdir = /usr/lib64/freeradius

pidfile = ${run_dir}/${name}.pid

user = radiusd

group = radiusd

max_request_time = 30

cleanup_delay = 5

max_requests = 1024

listen {

        type = auth

        ipaddr = *

        port = 0

}

listen {

        ipaddr = *

        port = 0

        type = acct

}

hostname_lookups = no

allow_core_dumps = no

regular_expressions     = yes

extended_expressions    = yes

log {

        syslog_facility = daemon

        stripped_names = no

        auth = no

        auth_badpass = no

        auth_goodpass = no

}

checkrad = ${sbindir}/checkrad

security {

        max_attributes = 200

        reject_delay = 1

        status_server = yes

}

proxy_requests  = yes

$INCLUDE proxy.conf

$INCLUDE clients.conf

thread pool {

        start_servers = 5

        max_servers = 32

        min_spare_servers = 3

        max_spare_servers = 10

        max_requests_per_server = 0

}



modules {

        $INCLUDE ${confdir}/modules/

        $INCLUDE eap.conf

}



instantiate {

        exec

        expr

        expiration

        logintime

}

$INCLUDE policy.conf

$INCLUDE sites-enabled/



/etc/raddb/cert/Server.cnf



[ ca ]



default_ca              = CA_default



[ CA_default ]



dir                     = ./



certs                   = $dir



crl_dir                 = $dir/crl



database                = $dir/index.txt



new_certs_dir           = $dir



certificate             = $dir/server.pem



serial                  = $dir/serial



crl                     = $dir/crl.pem



private_key             = $dir/server.key



RANDFILE                = $dir/.rand



name_opt                = ca_default



cert_opt                = ca_default



default_days            = 60



default_crl_days        = 30



default_md              = sha1



preserve                = no



policy                  = policy_match







[ policy_match ]



countryName             = match



stateOrProvinceName     = match



organizationName        = match



organizationalUnitName  = optional



commonName              = supplied



emailAddress            = optional







[ policy_anything ]



countryName             = optional



stateOrProvinceName     = optional



localityName            = optional



organizationName        = optional



organizationalUnitName  = optional



commonName              = supplied



emailAddress            = optional







[ req ]



prompt                  = no



distinguished_name      = server



default_bits            = 2048



input_password          = whatever



output_password         = whatever







[server]



countryName             = FR



stateOrProvinceName     = Radius



localityName            = Somewhere



organizationName        = Example Inc.



emailAddress            = admin@example.com



commonName              = "Example Server Certificate"





linux ssl-certificate certificate-authority freeradius expired







share|improve this question
















bumped to the homepage by Community 19 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
















  • You created it "recently" and it will expire "by next month"? This does not sound sensible. Are you using certificates at all? Please post your radius config file - I assume you are not even using any certiciate!

    – cornelinux
    Sep 17 '14 at 7:39











  • Yes, As I said, I installed that server around 1 months ago. Actually that's really bizarre. I'll send to you the radius.conf file. please let me know if you need any other files.

    – Debian
    Sep 17 '14 at 13:19











  • When I try to run "bootstrap" script or "make all", the end of running that return me this message (Just for 60 days):

    – Debian
    Sep 17 '14 at 17:19
















0















Recently I've created a RADIUS server (Freeradius) that authenticate with Active Directory. I follow this link to create this server:
Now, when I see the "server.cnf" file into /etc/raddb/cert , I just realized that the certification will be expired by next month. So, I am really worried because I don't have have any idea about how can I regenerate a new certificate. Also into the /etc/raddb/cert, there is several file like:



01.pem, ca.cnf,ca.key, client.cnf, index.txt, index.txt.old, random, serial, server.cnf, server.csr server.p12, xpextensions, bootstrap, ca.der, ca.pem, dh, index.txt.attr, Makefile, README, serial.old server.crt, server.key, server.pem



Now, I am a little confused, What exactly should I do to expand the expire date of this certificate?




radius.conf



prefix = /usr

exec_prefix = /usr

sysconfdir = /etc

localstatedir = /var

sbindir = /usr/sbin

logdir = ${localstatedir}/log/radius

raddbdir = ${sysconfdir}/raddb

radacctdir = ${logdir}/radacct

name = radiusd

confdir = ${raddbdir}

run_dir = ${localstatedir}/run/${name}

db_dir = ${raddbdir}

libdir = /usr/lib64/freeradius

pidfile = ${run_dir}/${name}.pid

user = radiusd

group = radiusd

max_request_time = 30

cleanup_delay = 5

max_requests = 1024

listen {

        type = auth

        ipaddr = *

        port = 0

}

listen {

        ipaddr = *

        port = 0

        type = acct

}

hostname_lookups = no

allow_core_dumps = no

regular_expressions     = yes

extended_expressions    = yes

log {

        syslog_facility = daemon

        stripped_names = no

        auth = no

        auth_badpass = no

        auth_goodpass = no

}

checkrad = ${sbindir}/checkrad

security {

        max_attributes = 200

        reject_delay = 1

        status_server = yes

}

proxy_requests  = yes

$INCLUDE proxy.conf

$INCLUDE clients.conf

thread pool {

        start_servers = 5

        max_servers = 32

        min_spare_servers = 3

        max_spare_servers = 10

        max_requests_per_server = 0

}



modules {

        $INCLUDE ${confdir}/modules/

        $INCLUDE eap.conf

}



instantiate {

        exec

        expr

        expiration

        logintime

}

$INCLUDE policy.conf

$INCLUDE sites-enabled/



/etc/raddb/cert/Server.cnf



[ ca ]



default_ca              = CA_default



[ CA_default ]



dir                     = ./



certs                   = $dir



crl_dir                 = $dir/crl



database                = $dir/index.txt



new_certs_dir           = $dir



certificate             = $dir/server.pem



serial                  = $dir/serial



crl                     = $dir/crl.pem



private_key             = $dir/server.key



RANDFILE                = $dir/.rand



name_opt                = ca_default



cert_opt                = ca_default



default_days            = 60



default_crl_days        = 30



default_md              = sha1



preserve                = no



policy                  = policy_match







[ policy_match ]



countryName             = match



stateOrProvinceName     = match



organizationName        = match



organizationalUnitName  = optional



commonName              = supplied



emailAddress            = optional







[ policy_anything ]



countryName             = optional



stateOrProvinceName     = optional



localityName            = optional



organizationName        = optional



organizationalUnitName  = optional



commonName              = supplied



emailAddress            = optional







[ req ]



prompt                  = no



distinguished_name      = server



default_bits            = 2048



input_password          = whatever



output_password         = whatever







[server]



countryName             = FR



stateOrProvinceName     = Radius



localityName            = Somewhere



organizationName        = Example Inc.



emailAddress            = admin@example.com



commonName              = "Example Server Certificate"





linux ssl-certificate certificate-authority freeradius expired







share|improve this question
















bumped to the homepage by Community 19 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
















  • You created it "recently" and it will expire "by next month"? This does not sound sensible. Are you using certificates at all? Please post your radius config file - I assume you are not even using any certiciate!

    – cornelinux
    Sep 17 '14 at 7:39











  • Yes, As I said, I installed that server around 1 months ago. Actually that's really bizarre. I'll send to you the radius.conf file. please let me know if you need any other files.

    – Debian
    Sep 17 '14 at 13:19











  • When I try to run "bootstrap" script or "make all", the end of running that return me this message (Just for 60 days):

    – Debian
    Sep 17 '14 at 17:19














0












0








0








Recently I've created a RADIUS server (Freeradius) that authenticate with Active Directory. I follow this link to create this server:
Now, when I see the "server.cnf" file into /etc/raddb/cert , I just realized that the certification will be expired by next month. So, I am really worried because I don't have have any idea about how can I regenerate a new certificate. Also into the /etc/raddb/cert, there is several file like:



01.pem, ca.cnf,ca.key, client.cnf, index.txt, index.txt.old, random, serial, server.cnf, server.csr server.p12, xpextensions, bootstrap, ca.der, ca.pem, dh, index.txt.attr, Makefile, README, serial.old server.crt, server.key, server.pem



Now, I am a little confused, What exactly should I do to expand the expire date of this certificate?




radius.conf



prefix = /usr

exec_prefix = /usr

sysconfdir = /etc

localstatedir = /var

sbindir = /usr/sbin

logdir = ${localstatedir}/log/radius

raddbdir = ${sysconfdir}/raddb

radacctdir = ${logdir}/radacct

name = radiusd

confdir = ${raddbdir}

run_dir = ${localstatedir}/run/${name}

db_dir = ${raddbdir}

libdir = /usr/lib64/freeradius

pidfile = ${run_dir}/${name}.pid

user = radiusd

group = radiusd

max_request_time = 30

cleanup_delay = 5

max_requests = 1024

listen {

        type = auth

        ipaddr = *

        port = 0

}

listen {

        ipaddr = *

        port = 0

        type = acct

}

hostname_lookups = no

allow_core_dumps = no

regular_expressions     = yes

extended_expressions    = yes

log {

        syslog_facility = daemon

        stripped_names = no

        auth = no

        auth_badpass = no

        auth_goodpass = no

}

checkrad = ${sbindir}/checkrad

security {

        max_attributes = 200

        reject_delay = 1

        status_server = yes

}

proxy_requests  = yes

$INCLUDE proxy.conf

$INCLUDE clients.conf

thread pool {

        start_servers = 5

        max_servers = 32

        min_spare_servers = 3

        max_spare_servers = 10

        max_requests_per_server = 0

}



modules {

        $INCLUDE ${confdir}/modules/

        $INCLUDE eap.conf

}



instantiate {

        exec

        expr

        expiration

        logintime

}

$INCLUDE policy.conf

$INCLUDE sites-enabled/



/etc/raddb/cert/Server.cnf



[ ca ]



default_ca              = CA_default



[ CA_default ]



dir                     = ./



certs                   = $dir



crl_dir                 = $dir/crl



database                = $dir/index.txt



new_certs_dir           = $dir



certificate             = $dir/server.pem



serial                  = $dir/serial



crl                     = $dir/crl.pem



private_key             = $dir/server.key



RANDFILE                = $dir/.rand



name_opt                = ca_default



cert_opt                = ca_default



default_days            = 60



default_crl_days        = 30



default_md              = sha1



preserve                = no



policy                  = policy_match







[ policy_match ]



countryName             = match



stateOrProvinceName     = match



organizationName        = match



organizationalUnitName  = optional



commonName              = supplied



emailAddress            = optional







[ policy_anything ]



countryName             = optional



stateOrProvinceName     = optional



localityName            = optional



organizationName        = optional



organizationalUnitName  = optional



commonName              = supplied



emailAddress            = optional







[ req ]



prompt                  = no



distinguished_name      = server



default_bits            = 2048



input_password          = whatever



output_password         = whatever







[server]



countryName             = FR



stateOrProvinceName     = Radius



localityName            = Somewhere



organizationName        = Example Inc.



emailAddress            = admin@example.com



commonName              = "Example Server Certificate"





linux ssl-certificate certificate-authority freeradius expired







share|improve this question
















Recently I've created a RADIUS server (Freeradius) that authenticate with Active Directory. I follow this link to create this server:
Now, when I see the "server.cnf" file into /etc/raddb/cert , I just realized that the certification will be expired by next month. So, I am really worried because I don't have have any idea about how can I regenerate a new certificate. Also into the /etc/raddb/cert, there is several file like:



01.pem, ca.cnf,ca.key, client.cnf, index.txt, index.txt.old, random, serial, server.cnf, server.csr server.p12, xpextensions, bootstrap, ca.der, ca.pem, dh, index.txt.attr, Makefile, README, serial.old server.crt, server.key, server.pem



Now, I am a little confused, What exactly should I do to expand the expire date of this certificate?




radius.conf



prefix = /usr

exec_prefix = /usr

sysconfdir = /etc

localstatedir = /var

sbindir = /usr/sbin

logdir = ${localstatedir}/log/radius

raddbdir = ${sysconfdir}/raddb

radacctdir = ${logdir}/radacct

name = radiusd

confdir = ${raddbdir}

run_dir = ${localstatedir}/run/${name}

db_dir = ${raddbdir}

libdir = /usr/lib64/freeradius

pidfile = ${run_dir}/${name}.pid

user = radiusd

group = radiusd

max_request_time = 30

cleanup_delay = 5

max_requests = 1024

listen {

        type = auth

        ipaddr = *

        port = 0

}

listen {

        ipaddr = *

        port = 0

        type = acct

}

hostname_lookups = no

allow_core_dumps = no

regular_expressions     = yes

extended_expressions    = yes

log {

        syslog_facility = daemon

        stripped_names = no

        auth = no

        auth_badpass = no

        auth_goodpass = no

}

checkrad = ${sbindir}/checkrad

security {

        max_attributes = 200

        reject_delay = 1

        status_server = yes

}

proxy_requests  = yes

$INCLUDE proxy.conf

$INCLUDE clients.conf

thread pool {

        start_servers = 5

        max_servers = 32

        min_spare_servers = 3

        max_spare_servers = 10

        max_requests_per_server = 0

}



modules {

        $INCLUDE ${confdir}/modules/

        $INCLUDE eap.conf

}



instantiate {

        exec

        expr

        expiration

        logintime

}

$INCLUDE policy.conf

$INCLUDE sites-enabled/



/etc/raddb/cert/Server.cnf



[ ca ]



default_ca              = CA_default



[ CA_default ]



dir                     = ./



certs                   = $dir



crl_dir                 = $dir/crl



database                = $dir/index.txt



new_certs_dir           = $dir



certificate             = $dir/server.pem



serial                  = $dir/serial



crl                     = $dir/crl.pem



private_key             = $dir/server.key



RANDFILE                = $dir/.rand



name_opt                = ca_default



cert_opt                = ca_default



default_days            = 60



default_crl_days        = 30



default_md              = sha1



preserve                = no



policy                  = policy_match







[ policy_match ]



countryName             = match



stateOrProvinceName     = match



organizationName        = match



organizationalUnitName  = optional



commonName              = supplied



emailAddress            = optional







[ policy_anything ]



countryName             = optional



stateOrProvinceName     = optional



localityName            = optional



organizationName        = optional



organizationalUnitName  = optional



commonName              = supplied



emailAddress            = optional







[ req ]



prompt                  = no



distinguished_name      = server



default_bits            = 2048



input_password          = whatever



output_password         = whatever







[server]



countryName             = FR



stateOrProvinceName     = Radius



localityName            = Somewhere



organizationName        = Example Inc.



emailAddress            = admin@example.com



commonName              = "Example Server Certificate"





linux ssl-certificate certificate-authority freeradius expired




linux ssl-certificate certificate-authority freeradius expired






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Oct 16 '14 at 13:47









HBruijn

55.2k1087149




55.2k1087149










asked Sep 16 '14 at 20:28









DebianDebian

1615




1615





bumped to the homepage by Community 19 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.







bumped to the homepage by Community 19 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.















  • You created it "recently" and it will expire "by next month"? This does not sound sensible. Are you using certificates at all? Please post your radius config file - I assume you are not even using any certiciate!

    – cornelinux
    Sep 17 '14 at 7:39











  • Yes, As I said, I installed that server around 1 months ago. Actually that's really bizarre. I'll send to you the radius.conf file. please let me know if you need any other files.

    – Debian
    Sep 17 '14 at 13:19











  • When I try to run "bootstrap" script or "make all", the end of running that return me this message (Just for 60 days):

    – Debian
    Sep 17 '14 at 17:19



















  • You created it "recently" and it will expire "by next month"? This does not sound sensible. Are you using certificates at all? Please post your radius config file - I assume you are not even using any certiciate!

    – cornelinux
    Sep 17 '14 at 7:39











  • Yes, As I said, I installed that server around 1 months ago. Actually that's really bizarre. I'll send to you the radius.conf file. please let me know if you need any other files.

    – Debian
    Sep 17 '14 at 13:19











  • When I try to run "bootstrap" script or "make all", the end of running that return me this message (Just for 60 days):

    – Debian
    Sep 17 '14 at 17:19

















You created it "recently" and it will expire "by next month"? This does not sound sensible. Are you using certificates at all? Please post your radius config file - I assume you are not even using any certiciate!

– cornelinux
Sep 17 '14 at 7:39





You created it "recently" and it will expire "by next month"? This does not sound sensible. Are you using certificates at all? Please post your radius config file - I assume you are not even using any certiciate!

– cornelinux
Sep 17 '14 at 7:39













Yes, As I said, I installed that server around 1 months ago. Actually that's really bizarre. I'll send to you the radius.conf file. please let me know if you need any other files.

– Debian
Sep 17 '14 at 13:19





Yes, As I said, I installed that server around 1 months ago. Actually that's really bizarre. I'll send to you the radius.conf file. please let me know if you need any other files.

– Debian
Sep 17 '14 at 13:19













When I try to run "bootstrap" script or "make all", the end of running that return me this message (Just for 60 days):

– Debian
Sep 17 '14 at 17:19





When I try to run "bootstrap" script or "make all", the end of running that return me this message (Just for 60 days):

– Debian
Sep 17 '14 at 17:19










1 Answer
1






active

oldest

votes


















0














When I try to run "bootstrap" script or "make all", the end of running that return me this message (Just for 60 days): 



openssl ca -batch -keyfile ca.key -cert ca.pem -in server.csr  -key `grep output_password ca.cnf | 



sed 's/.*=//;s/^ *//'` -out server.crt -extensions xpserver_ext -extfile xpextensions -config 



./server.cnf



Using configuration from ./server.cnf



Check that the request matches the signature



Signature ok



Certificate Details:



        Serial Number: 1 (0x1)



        Validity



            Not Before: Sep 17 15:55:12 2014 GMT



            Not After : Nov 16 15:55:12 2014 GMT



        Subject:



            countryName               = FR



            stateOrProvinceName       = Radius



            organizationName          = Example Inc.



            commonName                = Example Server Certificate



            emailAddress              = admin@example.com



        X509v3 extensions:



            X509v3 Extended Key Usage: 



                TLS Web Server Authentication


Certificate is to be certified until Nov 16 15:55:12 2014 GMT (60 days)






share|improve this answer

























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "2"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f629003%2ffreeradius-certificate-is-going-to-expired%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    When I try to run "bootstrap" script or "make all", the end of running that return me this message (Just for 60 days): 



    openssl ca -batch -keyfile ca.key -cert ca.pem -in server.csr  -key `grep output_password ca.cnf | 
    

    
sed 's/.*=//;s/^ *//'` -out server.crt -extensions xpserver_ext -extfile xpextensions -config 
    

    
./server.cnf
    

    
Using configuration from ./server.cnf
    

    
Check that the request matches the signature
    

    
Signature ok
    

    
Certificate Details:
    

    
        Serial Number: 1 (0x1)
    

    
        Validity
    

    
            Not Before: Sep 17 15:55:12 2014 GMT
    

    
            Not After : Nov 16 15:55:12 2014 GMT
    

    
        Subject:
    

    
            countryName               = FR
    

    
            stateOrProvinceName       = Radius
    

    
            organizationName          = Example Inc.
    

    
            commonName                = Example Server Certificate
    

    
            emailAddress              = admin@example.com
    

    
        X509v3 extensions:
    

    
            X509v3 Extended Key Usage: 
    

    
                TLS Web Server Authentication


    Certificate is to be certified until Nov 16 15:55:12 2014 GMT (60 days)






    share|improve this answer






























      0














      When I try to run "bootstrap" script or "make all", the end of running that return me this message (Just for 60 days): 



      openssl ca -batch -keyfile ca.key -cert ca.pem -in server.csr  -key `grep output_password ca.cnf | 
      

      
sed 's/.*=//;s/^ *//'` -out server.crt -extensions xpserver_ext -extfile xpextensions -config 
      

      
./server.cnf
      

      
Using configuration from ./server.cnf
      

      
Check that the request matches the signature
      

      
Signature ok
      

      
Certificate Details:
      

      
        Serial Number: 1 (0x1)
      

      
        Validity
      

      
            Not Before: Sep 17 15:55:12 2014 GMT
      

      
            Not After : Nov 16 15:55:12 2014 GMT
      

      
        Subject:
      

      
            countryName               = FR
      

      
            stateOrProvinceName       = Radius
      

      
            organizationName          = Example Inc.
      

      
            commonName                = Example Server Certificate
      

      
            emailAddress              = admin@example.com
      

      
        X509v3 extensions:
      

      
            X509v3 Extended Key Usage: 
      

      
                TLS Web Server Authentication


      Certificate is to be certified until Nov 16 15:55:12 2014 GMT (60 days)






      share|improve this answer




























        0












        0








        0







        When I try to run "bootstrap" script or "make all", the end of running that return me this message (Just for 60 days): 



        openssl ca -batch -keyfile ca.key -cert ca.pem -in server.csr  -key `grep output_password ca.cnf | 
        

        
sed 's/.*=//;s/^ *//'` -out server.crt -extensions xpserver_ext -extfile xpextensions -config 
        

        
./server.cnf
        

        
Using configuration from ./server.cnf
        

        
Check that the request matches the signature
        

        
Signature ok
        

        
Certificate Details:
        

        
        Serial Number: 1 (0x1)
        

        
        Validity
        

        
            Not Before: Sep 17 15:55:12 2014 GMT
        

        
            Not After : Nov 16 15:55:12 2014 GMT
        

        
        Subject:
        

        
            countryName               = FR
        

        
            stateOrProvinceName       = Radius
        

        
            organizationName          = Example Inc.
        

        
            commonName                = Example Server Certificate
        

        
            emailAddress              = admin@example.com
        

        
        X509v3 extensions:
        

        
            X509v3 Extended Key Usage: 
        

        
                TLS Web Server Authentication


        Certificate is to be certified until Nov 16 15:55:12 2014 GMT (60 days)






        share|improve this answer















        When I try to run "bootstrap" script or "make all", the end of running that return me this message (Just for 60 days): 



        openssl ca -batch -keyfile ca.key -cert ca.pem -in server.csr  -key `grep output_password ca.cnf | 
        

        
sed 's/.*=//;s/^ *//'` -out server.crt -extensions xpserver_ext -extfile xpextensions -config 
        

        
./server.cnf
        

        
Using configuration from ./server.cnf
        

        
Check that the request matches the signature
        

        
Signature ok
        

        
Certificate Details:
        

        
        Serial Number: 1 (0x1)
        

        
        Validity
        

        
            Not Before: Sep 17 15:55:12 2014 GMT
        

        
            Not After : Nov 16 15:55:12 2014 GMT
        

        
        Subject:
        

        
            countryName               = FR
        

        
            stateOrProvinceName       = Radius
        

        
            organizationName          = Example Inc.
        

        
            commonName                = Example Server Certificate
        

        
            emailAddress              = admin@example.com
        

        
        X509v3 extensions:
        

        
            X509v3 Extended Key Usage: 
        

        
                TLS Web Server Authentication


        Certificate is to be certified until Nov 16 15:55:12 2014 GMT (60 days)







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Oct 16 '14 at 14:16









        ThoriumBR

        4,81621933




        4,81621933










        answered Sep 17 '14 at 17:21









        DebianDebian

        1615




        1615






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Server Fault!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f629003%2ffreeradius-certificate-is-going-to-expired%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            As a Security Precaution, the user account has been locked The Next CEO of Stack OverflowMS...

            Image
            Could a dragon use its wings to swim? Is it a bad idea to plug the other end of ESD strap to wall ground? How can I prove that a state of equilibrium is unstable? Compilation of a 2d array and a 1d array pgfplots: How to draw a tangent graph below two others? How dangerous is XSS Gauss' Posthumous Publications? How to implement Comparable so it is consistent with identity-equality What does this strange code stamp on my passport mean? "Eavesdropping" vs "Listen in on" Which acid/base does a strong base/acid react when added to a buffer solution?
            Read more

            Список ссавців Італії Природоохоронні статуси | Список |...

            Image
            Списки ссавцівФауна ІталіїСписки:ІталіяСсавці Італії ІталіїМСОПХижіCetartiodactylaРукокриліКомахоїдніЗайцеподібніГризуниМСОП ссавці Італії ? Італія Біорегіон Біогеографічний екорегіон Голарктика Екозона Палеарктика Біом субтропічний ліс, альпійські луки, прісні води, континентальний шельф, континентальний схил Місцевість Континент Європа Країна Італія Територія Середземне море Фауна більшого обсягу За географією фауна Європи За систематикою ссавці, фауна Італії За екологією суходільна фауна, морська фауна За біогеографією теріофауна Європи Геологічний вік сучасність Особливості Видовий обсяг 121 Чужорідні види Genetta genetta, Ondatra zibethicus, Oryctolagus cuniculus, Rattus norvegicus, Rattus rattus, Sciurus carolinensis, Tamias sibiricus Список ссавців Італії містить перелік видів, записаних на території Італії (південна Європа) згідно з
            Read more

            Українські прізвища Зміст Історичні відомості |...

            Image
            АдигськіАбхазькіАзербайджанські [en] Албанські [en] АлтайськіАмериканські [en] Афроамериканські [en] АнглійськіАрабськіБашкирськіБілоруські [en] прізвищаБолгарські [en] БоснійськіБурятськіВельські [en] ВепськіВ'єтнамські [en] Вірменські [en] Гавайські [en] ГолландськіГрецькіГрузинськіДанськіЕстонськіЄврейські [en] Юдейські [en] Ефіопія/Еритрея [en] Зімбабвійські [en] Індіанські [en] ІндійськіІндонезійські [en] Ірландські [en] ІсландськіІспанські і португальськіІталійськіКалмицькі [en] КарельськіКазахськіКамбоджійські [en] Канадські [en] КіргизькіКитайські [en] КоміКорейськіЛатиськіЛитовські [en] Лаоські [en] МарійськіМакедонські [en] Малазійські [en] Монгольські [en] МордовськіНімецькіНорвезькіОсетинськіПерські [en] ПольськіПрибалтійськіПортугальськіРосійськіпрізвищаРумунськіСербськіСкандинавськіСлов'янськіСахаСловацькі [en] Сомалійські [en] ТайванськіТайські [en] Татарські [en] ТибетськіТувинськіТурецькі [en] УгорськіУдмуртськіУкраїнськіпрізвищаФіджійські [en] ФінськіФранцузьк
            Read more