Hi All, I just want to configure freeradius with PEAP ( MS-Chap V2) . iam new to freeradius and certificates. I just want to clear from experts here that does I need any certificate in client side if I use my ownca with open SSL ? Thanks for help Regards Naveen
Hi (sorry, I'm not Alan, hope you don't mind)
I just want to configure freeradius with PEAP ( MS-Chap V2) . iam new to freeradius and certificates. I just want to clear from experts here that does I need any certificate in client side if I use my ownca with open SSL ?
No. PEAP can do without certs on the client side. You will need one for your server though. Greetings, Stefan Winter -- Stefan WINTER Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche Ingenieur Forschung & Entwicklung 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg E-Mail: stefan.winter@restena.lu Tel.: +352 424409-1 http://www.restena.lu Fax: +352 422473
Mean I dont want any CA or client certificate right even if I use my ownca by Openssl ? -----Original Message----- From: Stefan Winter [mailto:stefan.winter@restena.lu] Sent: Thursday, June 15, 2006 5:11 PM To: naveen@palettemm.com; FreeRadius users mailing list Subject: Re: PEAP Hi (sorry, I'm not Alan, hope you don't mind)
I just want to configure freeradius with PEAP ( MS-Chap V2) . iam new to freeradius and certificates. I just want to clear from experts here that does I need any certificate in client side if I use my ownca with open SSL ?
No. PEAP can do without certs on the client side. You will need one for your server though. Greetings, Stefan Winter -- Stefan WINTER Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche Ingenieur Forschung & Entwicklung 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg E-Mail: stefan.winter@restena.lu Tel.: +352 424409-1 http://www.restena.lu Fax: +352 422473
Hi,
Mean I dont want any CA or client certificate right even if I use my ownca by Openssl ?
sorry, I was unable to parse your question. As in: the sentence does not make sense to me. What exactly do you want to know? I'll try my best to give a generic answer... The server needs one certificate to identify itself to the clients. It does not have to be a from a real CA, you can generate one from openssl yourself. You just have to configure the client to accept the certificate that is presented by the server during authentication. Greetings, Stefan Winter -- Stefan WINTER Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche Ingenieur Forschung & Entwicklung 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg E-Mail: stefan.winter@restena.lu Tel.: +352 424409-1 http://www.restena.lu Fax: +352 422473
participants (2)
-
Naveen -
Stefan Winter