Hi,
one thing that is wired is that there are no (at least I could not find it) a step by step guide to how to get this demo certificate up and running with a supplicant for (EAP-TLS setup), here, I am refereeing to the certificate that come with A fresh install of freeradius under the dir certs/
after you install, there is a client certificate created....just as there is a server one, copy that client cert to the client. then use it.
if I want to create an EAP-TLS based system..... and considering certificate generation , then isn’t it just as follows:
1. Copy the existing ca.pem from "/etc/freeradius/certs" to the client
yes
2. Generate client.key and client.pem at the client (supplicant)
no. use the provided script to generate client certs then give them to the client there are several tools out there that enable you to run your own PKI/CA system for delivering client certs - mainly for use with VPN systems - they'll work here too. alan