This directory contains sample certificates that you can use to test
Radiator with various 802.1x authentication schemes, as used in
Wireless LANs etc.

In here you will find Root and Server Certificate files suitable
for use with Radiator. You will need these if you wish to
authenticate using EAP-TLS, EAP-TTLS or EAP-PEAP.

You will also find Root and Client Certificates suitable for
installing on client PCs. You will need to install these on the client
if you wish to authenticate using EAP-TLS.

None of these certificates should be considered to be secure, and they
should NOT be used in a production environment, but only for testing
and proof-of-concept for your project. You should use a reputable
Certificate Authority package such as CAtool to generate your
production certificates.

These certificates were generated with OpenSSL 0.9.7 and the
goodies/mkcertificate.sh script.

USE THESE FILES IN YOUR RADIATOR CONFIGURATION.
demoCA/cacert.pem
	CA Root certificate file suitable for use by Radiator. Used by Radiator
	to validate client certificates. Specifiy with EAPTLS_CAFile in your
	Radiator configuration file.

cert-srv.pem
	Server certificate _and_ private key for Radiator. 
	The private key password is 'whatever'.
	Specifiy with EAPTLS_CertificateFile and EAPTLS_PrivateKeyFile in your
	Radiator configuration file..
	The server name in the certificate is test.server.some.company.com

USE THESE FILES ON YOUR WINDOWS CLIENTS. In Windows, double click on each file 
import the certificate:

root.der 
	Root 'Security Certificate' suitable for importing into MS Windows
	as a Root certificate. Used by the client to validate the
	Radiator server certificate. Hint: on Windows Mobile 5 and other
	similar devices, you will need to rename this file to root.cer before
	importing it (also called enroling it) on Windows.

cert-clt.p12
	Client certificate _and_ private key, suitable for importing
	into MS Windows. Radiator will validate this client certificate
	against its Root Certificate. The password for the private key
	is 'whatever'. The certificate is for a user named testUser.



	
USE THESE FILES for YOUR LINUX CLIENTS. Follow the instructions for your client.

root.pem
	Root certificate that matches the cert-srv.pem test certificate above for
	Radiator. Suitable for use with TLS, TTLS, PEAP etc on Linux

cert-clt.pem
	Client certificate _and_ private key, suitable for use with TLS etc on Linux


The following files contain Diffie-Hellman parameters, for use with
unauthenticated cipher suites, such as those required by EAP-FAST. They
are MODP groups that conform to RFC 3526, and were generated from the data in
bn_const.c using p1024.c from openssl 0.9.8d. The ones with smaller key sizes
are faster to generate keys abut are less secure.

dh1536.pem
dh2048.pem
dh3072.pem
dh4096.pem
dh6144.pem
