0

I'm using freeRadius on my over Apache on my Linux Debian machine. I've been going through my configurations for hours and I can't seem to get this to work. I'm able to log into radius using a username and password stored on MySQL, but now I want to ditch that and log in solely with a client certificate. Does anyone have any ideas?

`````````````````````````UPDATE``````````````````````````````````````````````` Here is some of my Apache configuration:

            AuthType Basic
            AuthName "RADIUS authentication for localhost"
            AuthBasicAuthoritative off
            AuthRadiusAuthoritative on
            AuthBasicProvider radius
            AuthRadiusActive On
            require valid-user

Currently, Apache asks the user for a username and password, Apache then forwards the credentials to freeRadius. After freeRadius authenticates the user (by checking the credentials against a MySQL table), it sends an "OK" to Apache allowing the user to the website that is hosted on Apache.

But now I want Apache to ask for a client certificate. Apache will then forward that to freeRadius where it will check it against the certificates it has. Somewhere in there is encryption, so if anyone wants to enlighten me on that also, it would be appreciated.

What I think is I have to change the configuration listed above so Apache asks for a certificate. I just can't find the information on how to go about that.

alexs973
  • 51
  • 1
  • 6
  • Sorry, but your question is very unclear to me. How do Apache and FreeRadius interact? – user2233709 Apr 05 '17 at 23:27
  • I have a number of different files on my website that's run by apache. In my /etc/apache2/sites-enabled/blahblah.file virtual host I have radius configured to accept a user name and password which is stored in a mysql database. But now I would like to scrap the username and password and have radius authenticate solely with client certificates – alexs973 Apr 06 '17 at 00:43

0 Answers0