Index: freeradius-server-3.0.0/raddb/certs/Makefile
===================================================================
--- freeradius-server-3.0.0.orig/raddb/certs/Makefile	2013-10-15 18:20:43.563939081 +0200
+++ freeradius-server-3.0.0/raddb/certs/Makefile	2013-10-15 18:21:35.382475281 +0200
@@ -51,7 +51,7 @@ dh:
 #  Create a new self-signed CA certificate
 #
 ######################################################################
-ca.key ca.pem: ca.cnf
+ca.key ca.pem:
 	@[ -f index.txt ] || $(MAKE) index.txt
 	@[ -f serial ] || $(MAKE) serial
 	openssl req -new -x509 -keyout ca.key -out ca.pem \
@@ -65,7 +65,7 @@ ca.der: ca.pem
 #  Create a new server certificate, signed by the above CA.
 #
 ######################################################################
-server.csr server.key: server.cnf
+server.csr server.key:
 	openssl req -new  -out server.csr -keyout server.key -config ./server.cnf
 
 server.crt: server.csr ca.key ca.pem
@@ -87,7 +87,7 @@ server.vrfy: ca.pem
 #  certificate.
 #
 ######################################################################
-client.csr client.key: client.cnf
+client.csr client.key:
 	openssl req -new  -out client.csr -keyout client.key -config ./client.cnf
 
 client.crt: client.csr ca.pem ca.key
Index: freeradius-server-3.0.0/raddb/certs/bootstrap
===================================================================
--- freeradius-server-3.0.0.orig/raddb/certs/bootstrap	2013-10-15 18:20:43.563939081 +0200
+++ freeradius-server-3.0.0/raddb/certs/bootstrap	2013-10-15 18:20:45.669960874 +0200
@@ -21,7 +21,9 @@ make -h > /dev/null 2>&1
 #
 if [ "$?" = "0" ]; then
   make all
-  exit $?
+  ret=$?
+  chgrp radiusd *
+  exit $ret
 fi
 
 #
@@ -80,3 +82,5 @@ fi
 if [ ! -f client.crt ]; then
   openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr  -key `grep output_password ca.cnf | sed 's/.*=//;s/^ *//'` -out client.crt -extensions xpclient_ext -extfile xpextensions -config ./client.cnf
 fi
+
+chgrp radiusd *