Certificate Provisioning for EAP-TLS Networks

Matt Causey matt.causey at gmail.com
Thu Jan 29 15:52:50 CET 2009

I am running FreeRadius at my company on a WLAN - using SSL key
material issued by our internal certificate authority.  All is well.

However a pretty big limitation of this security architecture is of
course getting the SSL key material onto the devices.  In our case -
the devices are SIP phones with no wired ethernet connection.  I know
there are other sites with similar issues.

I would like to hear some ideas on what folks are doing to manage SSL
key material on devices.  This would include initial key provisioning
and re-keying when certs expire.  Presently ours expire every 90 days.



More information about the Freeradius-Users mailing list