Re: Radius + EAP-TLS + LDAP
Paweł Klisiewicz wrote:
> Is it possible to setup EAP-TLS based authentication without using third
> part CA for signing certificates ?
No.
> so basically, keep users Public key's
> (not certificates) in LDAP and make radius to retrieve them from there
> and authenticate users in this way using just pair of public and private
> key ?
No. EAP-TLS requires access to the CA key. Having access to the
user's public key doesn't help.
Alan DeKok.
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.