WPA Certificate Question

Mike Diggins mike.diggins at mcmaster.ca
Sat Jan 30 23:59:24 CET 2010


I was able to get freeradius 2.1.3 and wireless WPA working, likely due to 
the fact that FreeRadius was mostly configured for me (thanks ;) ). I’m a 
little confused about the certificate that is required in the process, and 
what the relationship is with the client, the Wireless Controller and the 
FreeRadius server.  The README file states:

“ In general, you should use self-signed certificates for 802.1x (EAP) 
authentication.”

Why self signed versus CA signed? Ideally I would like my clients to not 
be questioned about the certificate at all. Is that even possible with 
WPA? If I purchase a CA signed cert, would that eliminate the requirement 
on the client to acknowledge the certificate or import it?

-Mike


More information about the Freeradius-Users mailing list