Can I use two or more freeradius server certificates for the same virtual site?
Alan DeKok
aland at deployingradius.com
Thu Nov 1 13:57:05 CET 2018
On Nov 1, 2018, at 7:07 AM, work vlpl <thework.vlpl at gmail.com> wrote:
> Certificates have limited lifespan. And when certificate will expire,
> there is a probability that new certificate will not be trusted by
> clients with old configuration.
Which certificate do you mean? The client trusts the CA cert. The server cert is derived from that.
> I am searching the way to smooth it.
> One of the ideas is to configure freeradius to use two server
> certificates. They will have different expiration date. So the old
> clients will be able to use old certificate and the new clients or
> clients with updated configuration will be able to accept new server
> certificate.
If you're using the same CA cert, just change the server certificate. All clients should accept the new server certificate automatically.
> So, is it possible to use two or more freeradius server certificates?
Not really in the way that you're asking. Because it shouldn't be necessary.
Alan DeKok.
More information about the Freeradius-Users
mailing list