TLS certificates authorities.
brudas at exadel.com
Fri Sep 9 08:00:34 CEST 2016
Could you please clarify you warning regarding client configuration? Some
systems allow my EAP-TTLS+PAP configuration out of the box, do you mean in
could be insecure? Are there any way to prevent client authentication
unless it have my CA installed?
On Thu, Sep 8, 2016 at 8:43 PM, <A.L.M.Buxey at lboro.ac.uk> wrote:
> > I'm using EAP-TTPS+PAP for authentication. Are there any way to prevent
> > WiFi SSID spoofing without distributing my own CA certificate? Does it
> > a sense to sign my server key with any of the public CA and what should I
> > supply as CN for such key?
> use your own CA...as for distributing it - it wil be installed with an
> profile deployment tool....which *especially* for EAP-TTLS/PAP you should
> be using (because clients REALLY need to be configured correctly/securely
> when using that method!)
Head of Minsk IT Support Department
E-mail: brudas at exadel.com
Skype ID: bogdan.rudas
CONFIDENTIALITY NOTICE: This email and files attached to it are
confidential. If you are not the intended recipient you are hereby notified
that using, copying, distributing or taking any action in reliance on the
contents of this information is strictly prohibited. If you have received
this email in error please notify the sender and delete this email.
More information about the Freeradius-Users