Logging config to get certificate details
Jim Potter
j.potter at bathspa.ac.uk
Mon Mar 25 09:53:31 CET 2019
Hi all,
We have a PEAP eduroam setup here, and I have a suspicion that not all our
users are using/validating the server certificate - I know we can set the
clients up to not use certificates and they can still connect fine. (I'm
not completely clear on the PEAP process and whether the clients are still
using the server cert but aren't validating it, or whether no cert is used
at all in this case).
So what I'd like to find out is if I can set the server logging up to find
out about the certificates used by each client - whether a cert is being
requested, and if so, whether the certificate is being validated by the
clients. I know this is primarily a client issue, but I'm looking for signs
of this from the server so I can see how widespread this is. I've tried
auth_goodpass/auth_badpass (no luck), I'm not sure where next to look on
this - does anyone have any advice?
thanks (again) in advance
Jim Potter
More information about the Freeradius-Users
mailing list