On 15 September 2017 08:40:20 BST, Vacheslav <m_zouhairy@skno.by> wrote:
I have free radius 3.0.14 and I managed to authenticate using peap and ttls using the self signed server certificate. I tried to push it further with requiring client certificates but that didn't work.
Pretty much no supplicants support using client certificates with PEAP or >EAP-TTLS, so unfortunately it won't work. I think wpa-supplicant is the only >one that will. Thank you very much for clearing this up, I struggled days and was sure it's a bug.
You're not the only one... :(
I'm using wired dot1x so wpa isn't an option as I think that's for wireless.
It's the same supplicant used for both.
For client certificates on Windows you have to use EAP-TLS.
I wanted them to have a certificate + username and password,
Yes, using both together is not currently possible. -- Matthew