EAP TLS against multiple certificates?

Alan DeKok aland at deployingradius.com
Fri Mar 31 13:49:33 CEST 2017


On Mar 31, 2017, at 7:02 AM, David Hartburn <D.J.Hartburn at kent.ac.uk> wrote:
> 
> Is it possible to check EAP-TLS against multiple certificate chains, or bundle two chains together into the same pem file?

  See the comments for "ca_file" in the default build.  The question is answered there.

> In terms of config, in mods-enabled/eap, I have
> 	tls-config loanlaptops {
> 		private_key_file = ${confdir}/certs/loan_laptop_server.pem
> 		certificate_file = ${confdir}/certs/loan_laptop_server.pem
> 		ca_file = ${confdir}/certs/unikentrootCAchain.pem

  Removing all of the comments makes the configuration smaller, it can also make it harder to understand.

  Alan DeKok.




More information about the Freeradius-Users mailing list