24 Sep
2015
24 Sep
'15
10:38 a.m.
Hi,
There's some good advice here:
https://wiki.terena.org/display/H2eduroam/EAP+Server+Certificate+considerati...
yep....unfortunately its scoped to just the certificate...which is a start... the next part should be the EAP/TLS stuff - TLS 1.2 support, ciphers to use.... if you are using a Diffie-Hellman useing method then ensure your DH key is at least 1024 bit etc etc ...then we go down into the rabbit hole of what clients DONT support TLS 1.2 and prevent you from scoping the cipher list to JUST TLS 1.2 methods ;-) alan