Hi Benjamin
Is there any way to configure free radius + eap-tls module to avoid to send CA certificate during EAP-TLS negotiation?
You may have to read the RFC :-). You need the certificates to do EAP-TLS
certificate_list
This is a sequence (chain) of X.509v3 certificates. The sender's
certificate must come first in the list. Each following
certificate must directly certify the one preceding it. Because
certificate validation requires that root keys be distributed
independently, the self-signed certificate which specifies the
root certificate authority may optionally be omitted from the
chain, under the assumption that the remote end must already
possess it in order to validate it in any case.
==================================================Benjamin K. Eshun----- Message d'origine ----
De : Rafa Marin < rafa.marinlopez@gmail.com>
À : freeradius-users@lists.freeradius.org
Envoyé le : Mercredi, 20 Juin 2007, 13h16mn 05s
Objet : Sending CA certificate during EAP-TLS
Hi all,
Is there any way to configure free radius + eap-tls module to avoid to send CA certificate during EAP-TLS negotiation? As Free Radius is sending it right now EAP-TLS packets get fragmented and I would like to avoid it.
Thanks in advance.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo! Mail
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html