Yes, I have come that far, but my Mac still wants to do some username/password authentication on top of that. I have the CA running, CA cert on my Mac, and a client cert installed as well. Br Henrik On Sun, Jun 6, 2021 at 11:07 AM Michael Schwartzkopff <ms@sys4.de> wrote:
On 06.06.21 11:00, Henrik Schack via Freeradius-Users wrote:
Great, you wouldn't happen to have a configuration example ?
/Henrik
On Sun, Jun 6, 2021 at 10:42 AM Michael Schwartzkopff <ms@sys4.de> wrote:
On 06.06.21 10:14, Henrik Schack via Freeradius-Users wrote:
Hi Is it possible to configure Freeradius to require only a valid TLS client cert created by own CA, in order to get an ACCEPT ?
/Henrik - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Yes.
See sections tls-common and tls in the eap module.
Basically you have to enter the data about your CA and your server cert.
Mit freundlichen Grüßen,
--
[*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG,80333 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief Aufsichtsratsvorsitzender: Florian Kirstein
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Mvh/Best regards Henrik Schack Twitter: http://twitter.com/schack