29 Jan
2009
29 Jan
'09
9:52 a.m.
I am running FreeRadius at my company on a WLAN - using SSL key material issued by our internal certificate authority. All is well. However a pretty big limitation of this security architecture is of course getting the SSL key material onto the devices. In our case - the devices are SIP phones with no wired ethernet connection. I know there are other sites with similar issues. I would like to hear some ideas on what folks are doing to manage SSL key material on devices. This would include initial key provisioning and re-keying when certs expire. Presently ours expire every 90 days. Thoughts? -- Matt