24 Nov
2017
24 Nov
'17
5:58 a.m.
Hello, Just a question about the section "tls-config tls-common" of the module eap file. Do both attributes ca_file and ca_path permit to verify a client certificate in an EAP-TLS authentication ? And so, if we do NOT want to permit EAP-TLS authentication, we have to : - comment out the attributes ca_file AND ca_path - concatenate the server certificate and the CA certificate (as explained in comments) This setup should allow to establish TLS tunnel for other EAP method (TTLS, PEAP) but refuse an EAP-TLS request. Is it correct ? our am I wrong ? Regards, -- Jérôme BERTHIER