On 23 Mar 2017, at 15:26, Alan DeKok <aland@deployingradius.com> wrote:
On Mar 23, 2017, at 11:14 AM, Brian Julin <BJulin@clarku.edu> wrote:
In addition, having institutions rush into using bug-ridden turnkey CA products with no regard for the institutional/procedural work needed to properly administer a CA is in nobody's best interest.
It's pretty much trivial to create your own CA. Putting it on 10K end user machines is a bit more difficult.
It’s not that difficult. We use EAP-TLS with a private CA and the database currently shows 40,303 active certificates (i.e. certs which have OSCP’d in last 90 days). Hotspot 2.0 OSU should make the process of deploy a private CA even easier (although it uses Public CA cert to do this). Regards Scott Armitage