Certificate Provisioning for EAP-TLS Networks
matt.causey at gmail.com
Thu Jan 29 15:52:50 CET 2009
I am running FreeRadius at my company on a WLAN - using SSL key
material issued by our internal certificate authority. All is well.
However a pretty big limitation of this security architecture is of
course getting the SSL key material onto the devices. In our case -
the devices are SIP phones with no wired ethernet connection. I know
there are other sites with similar issues.
I would like to hear some ideas on what folks are doing to manage SSL
key material on devices. This would include initial key provisioning
and re-keying when certs expire. Presently ours expire every 90 days.
More information about the Freeradius-Users