TLS: assigning certificates to username

Arran Cudbard-Bell a.cudbardb at
Thu May 5 17:14:08 CEST 2016

> So in fact I revise my previous statement, if your cert contains an NAI in the CN part of the subject, your system administrator is an idiot.

and if you check your Network RADIUS issued S/MIME certificate.  Oh, oh what's that? A subjectAltName with your username as an NAI? Look at that :)


Arran Cudbard-Bell <a.cudbardb at>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 872 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <>

More information about the Freeradius-Users mailing list