Simultaneous EC/RSA Certificates

Alan DeKok aland at
Fri May 20 13:02:34 CEST 2016

On May 20, 2016, at 6:08 AM, Adam Bishop <Adam.Bishop at> wrote:
> NGINX has just added support for serving an ECDSA and an RSA certificate simultaneously, keyed off the cipher selected with ECDSA as the preferred option.
> Obviously there's significant differences between HTTP and RADIUS, but could this be implemented in FreeRADIUS for EAP/RadSec?

  From a quick look at the nginx patch, it just allows for loading multiple certs.  Then (presumably), OpenSSL does the rest.

  That could be done in the server.  We'd have to update the configuration with the new syntax, but sure, it's possible.

  Alan DeKok.

More information about the Freeradius-Users mailing list