14: Security in Detail
PremierWave XC User Guide
97
Steel Belted RADIUS
Steel Belted RADIUS is a commercial RADIUS server from Juniper Networks that provides a GUI
administration interface. It also provides a certificate request and self-signed certificate generator.
The self-signed certificate has extension .sbrpvk and is in the PKCS12 format. OpenSSL can
convert this into a PEM format certificate and key:
openssl pkcs12 -in sbr_certkey.sbrpvk -nodes -out sbr_certkey.pem
The
sbr_certkey.pem
file contains both certificate and key. If loading the SBR certificate into
PremierWave XC as an authority, you will need to edit it:
1. Open the file in any plain text editor.
2. Delete all info before
"----- BEGIN CERTIFICATE-----" and after "----- END
CERTIFICATE-----"
, and then save as
sbr_cert.pem.
SBR accepts trusted-root certificates in the DER format. Again, OpenSSL can convert any format
into DER:
openssl x509 -inform pem -in mp_cert.pem -outform der -out mp_cert.der
Note:
With SBR, when the identity information includes special characters such as
dashes and periods, SBR changes the format it uses to store these strings and becomes
incompatible with the current PremierWave XC release. Support may be added for this
and other formats in future releases.
Free RADIUS
Free RADIUS is another versatile Linux open-source RADIUS server.