fws
/
ansible-roles
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Ansible roles
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
351 Commits
1 Branch
0 Tags
7.5 MiB
 
 
 
 
 
 
Tag: Branch: Tree: d85c9e4856
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd85c9e4856'
${ noResults }
ansible-roles/roles/radius_server/templates/modules/eap.conf.j2

27 lines
934 B
Raw Blame History

eap {
default_eap_type = tls
tls-config tls-common {
{% if rad_tls_key_pass is defined %}
private_key_password = {{ rad_tls_key_pass }}
{% endif %}
private_key_file = /etc/radius/certs/key.pem
certificate_file = /etc/radius/certs/cert.pem
{% if rad_tls_ca is defined %}
ca_file = /etc/radius/certs/ca.pem
{% endif %}
dh_file = /etc/radius/certs/dh.pem
ca_path = /etc/radius/certs/
ecdh_curve = "prime256v1"
{% if rad_tls_issuert is defined %}
check_cert_issuer = "{{ rad_tls_issuer }}"
{% endif %}
verify {
tmpdir = /run/radiusd/tls
client = "/usr/local/bin/rad_check_client_cert --cert %{TLS-Client-Cert-Filename}{% if rad_tls_crl is defined %} --crl {{ (rad_tls_crl is search ('https?://')) | ternary(rad_tls_crl,'/etc/radius/certs/crl.pem') }}{% endif %}{% if rad_tls_issuer is defined %} --issuer '{{ rad_tls_issuer }}'{% endif %}"
}
}
tls {
tls = tls-common
}
}