Ssl utilities, Openssl, Steel belted radius – Lantronix XPORT PROTM 900-560 User Manual

Page 94: Free radius

Advertising
background image

10: Security Settings

XPort Pro User Guide

94

SSL Utilities

Several utilities exist to convert between the formats.

OpenSSL

Open source set of SSL related command line utilities. It can act as server or client. It can
generate or sign certificate requests. It can convert all kinds of formats. Executables are available
for Linux and Windows. To generate a self-signed RSA certificate/key combo use the following
commands in the order shown:

openssl req –x509 –nodes –days 365 –newkey rsa:1024 –keyout
mp_key.pem –out mp_cert.pem

Note:

Signing other certificate requests is also possible with OpenSSL. See

www.openssl.org

or

www.madboa.com/geek/openssl

for more information.

Steel Belted RADIUS

Commercial RADIUS server by Juniper Networks that provides a GUI administration interface. It
also provides a certificate request and self-signed certificate generator. The self-signed certificate
has extension .sbrpvk and is in the PKCS12 format. OpenSSL can convert this into a PEM format
certificate and key by using the following commands in the order shown:

openssl pkcs12 -in sbr_certkey.sbrpvk -nodes -out sbr_certkey.pem

The sbr_certkey.pem file contains both certificate and key. If loading the SBR certificate into XPort
Pro as an authority, you will need to edit it.

1.

Open the file in any plain text editor.

2.

Delete all info before the following: “----- BEGIN CERTIFICATE-----“

3.

Delete all info after the following: “----- END CERTIFICATE-----“

4.

Save as sbr_cert.pem. SBR accepts trusted-root certificates in the DER format.

5.

Again, OpenSSL can convert any format into DER by using the following commands in the
order shown:

openssl x509 -inform pem -in mp_cert.pem -outform der -out
mp_cert.der

Note:

With SBR, when the identity information includes special characters such as

dashes and periods, SBR changes the format it uses to store these strings and becomes
incompatible with the current XPort Pro release. We will add support for this and other
formats in future releases. Free RADIUS—Linux open-source RADIUS server. It is
versatile, but complicated to configure.

Free RADIUS

Free RADIUS is a Linux open-source RADIUS server. It is versatile, but complicated to configure.

Advertising
Popular Brands
Popular manuals