Not verifying username in EAP-TLS
Hi, I want to bypass user verification when using EAP-TLS - i.e. freeRADIUS should only verify the certificate validity without verifying that the user name, contained in CN part of the Subject field in the certificate, is present in the user database. Is it possible to do this? If so, what should the configuration look like? Thanks, Anurag
Verma Anurag-VNF673 wrote:
I want to bypass user verification when using EAP-TLS – i.e. freeRADIUS should only verify the certificate validity without verifying that the user name, contained in CN part of the Subject field in the certificate, is present in the user database. Is it possible to do this? If so, what should the configuration look like?
That's how the server works by default. You shouldn't need to change anything. Alan DeKok.
On 01/27/2012 12:19 PM, Verma Anurag-VNF673 wrote:
Hi,
I want to bypass user verification when using EAP-TLS – i.e. freeRADIUS should only verify the certificate validity without verifying that the user name, contained in CN part of the Subject field in the certificate, is present in the user database. Is it possible to do this? If so, what should the configuration look like?
This is the "devel" list. It's for discussions of the FreeRADIUS code, not config and use questions. Please re-send your query to the freeradius-users list.
participants (3)
-
Alan DeKok -
Phil Mayers -
Verma Anurag-VNF673