...
- radsecproxy version 1.4.2 or higher
- A server certificate and a private key for that certificate to establish the RadSec connection which designates the server as an IdP+SP.
Installation
On UNIX-like systems, the installation is very simple:
- Download the code from http://software.uninett.no/radsecproxy/.
- Unpack the code.
- Navigate into the unpacked directory (the base directory) and type:
make
The code is ISO C and should compile cleanly. It usually does not require a ./configure.
4. After compiling, the executable
| Code Block |
|---|
radsecproxy
|
is in the base directory. Either run this executable here or copy it to a convenient location (e.g. /usr/local/bin) and run it there. Execution does not require root rights.
5. Copy the template configuration file below into
| Code Block |
|---|
/etc/radsecproxy.conf
|
6. Create the directory /etc/radsecproxy.d/certs/ca/. The template configuration file requires this directory to contain the accredited CA root certificates and the corresponding Certificate Revocation Lists (CRLs) in their OpenSSL hash form. See the section radsec certificates for information about the CA download.
...
| Include Page | ||||
|---|---|---|---|---|
|
Sample config file
Most of the radsecproxy configuration file is static. Therefore, a template configuration file is provided at http://www.eduroam.org/downloads/docs/eduroam-cookbook-scripts.zip. A detailed explanation of this configuration file follows. However, the comments included in the file should make its action almost self- explanatory. This means you can start and experiment with it right after installation.
...