EAP-TLS authentication with FreeRADIUS 2.0
Erik Norgaard
norgaard at locolomo.org
Wed Apr 9 15:28:27 CEST 2008
Hi:
I run FreeRADIUS 2.0 for EAP-TLS authentication on my wireless network,
it works fine in my test setup but there are some pieces missing I can't
figure out:
1. I'd like to add support for more than one root certificate
2. I'd like to log the certificate's distinguished name
3. I'd like to add a LDAP backend for further authentication
The point is that I don't mind sharing my network as long as I know who
people are, and it would release me of some certificate management if I
can just add CA certificates.
I'd like to log the distinguished name, as it is better when multiple
CAs are used. It would be nice too, also to store a copy of any user
certificate submitted, or log both email, distinguished name and
possibly certificate serial number.
I'd like the LDAP backend in order to add extra information for each
user and possibly block a user without revoking the certificate, and
other management tasks.
Is this possible?
Thanks, Erik
--
Erik Nørgaard
Ph: +34.666334818 http://www.locolomo.org
More information about the Freeradius-Users
mailing list