26 Jan
2012
26 Jan
'12
4:15 a.m.
hi, self-signed CA. the authentication is a closed-loop system. the only people that need to trust your RADIUS server for authentication are your own users (unlike eg a public web server). you have full control of your own CA..and know its policies. With an external CA you are a slave to their reputation and policies...wouldnt it be nice to come in on a monday morning and find your CA had been removed by the OS as happened recently... The issue is with the distribution/installation of that CA - but you already say you have that covered..so great! :-) alan