10 Jul
2013
10 Jul
'13
9:44 a.m.
Hi As a possible hint since your question sounds similar to an issue I had: I was looking to provide a server-side certificate to my clients from a public CA but only allow clients to authenticate via EAP-TLS when presenting a cert from our internal CA which avoids the misconfiguration to trust any certificate issued by the public CA. Check the difference of CA_file (containing root CA cert of your internal CA), but set server cert (including cert chain) inside certificate_file. ( http://lists.freeradius.org/pipermail/freeradius-users/2013-April/065990.htm... ) Regards, Mathieu