11 Dec
2008
11 Dec
'08
3:37 p.m.
On Thu, Dec 11, 2008 at 9:16 AM, Attou eric <gouroueric@yahoo.fr> wrote:
Hi Everybody.
We are having some issues in setting up freeradius to support EAP-TLS, EAP-TTLS and EAP-PEAP. Our goal is to have our authentication server providing those three Auth-Type simultaneously. To support EAP-TLS, we generate our CA and certificates via TinyCA.
You can use TinyCA, but you must add the proper extended key usage. Under Openssl-Configuration in TinyCA put the OID 1.3.6.1.5.5.7.3.1 for Server Certificates into Extended Key usage, and 1.3.6.1.5.5.7.3.2 into Client Certificate Extended Key Usage. Jason