24 Nov
2017
24 Nov
'17
6:46 a.m.
On Fri, 2017-11-24 at 11:58 +0100, Jérôme BERTHIER wrote:
And so, if we do NOT want to permit EAP-TLS authentication, we have to :
- comment out the attributes ca_file AND ca_path
- concatenate the server certificate and the CA certificate (as explained in comments)
To disable EAP-TLS, just comment out the entire tls{} section in mods- available/eap. You can comment out the CA options in tls-common as well if you want, but it should not be necessary. -- Matthew