Disabling EAP-TLS while keeping EAP-PEAP

Eshun Benjamin bkeshun at yahoo.fr
Tue Jun 19 09:40:55 CEST 2007


sounds interesting can you post your tls section config
 
================================================== 



----- Message d'origine ----
De : "Reimer Karlsen-Masur, DFN-CERT" <karlsen-masur at dfn-cert.de>
À : FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Envoyé le : Lundi, 18 Juin 2007, 11h09mn 31s
Objet : Re: Disabling EAP-TLS while keeping EAP-PEAP

Hi!

By commenting the CA_file parameter in the eap->tls section:

# CA_file = ${raddbdir}/certs/trusted-ca-cert-list.pem

*and*

by setting CA_path parameter in the eap->tls section to an *empty* directory

CA_path = ${raddbdir}/certs/trustedCAs

should do the trick.

No trusted CAs mean no trusted client certificates :-)

Martin Gadbois wrote:
> When enabling EAP-PEAP with FreeRADIUS, module EAP-TLS is required.
> 
> How can I disable EAP-TLS while using EAP-PEAP?
> 
> I agree that if the client does not have a client key, EAP-TLS will not
> work. But how to restrict EAP-TLS in any case?

-- 
Beste Gruesse / Kind Regards

Reimer Karlsen-Masur

DFN-PKI FAQ: https://www.pki.dfn.de/faqpki
--
Dipl.-Inform. Reimer Karlsen-Masur (PKI Team), Phone +49 40 808077-615
DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-555
Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html










      
	
		
___________________________________________________________________________ 
Découvrez une nouvelle façon d'obtenir des réponses à toutes vos questions ! 
Profitez des connaissances, des opinions et des expériences des internautes sur Yahoo! Questions/Réponses 
http://fr.answers.yahoo.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070619/844dee38/attachment.html>


More information about the Freeradius-Users mailing list