EAP-TLS authentication with FreeRADIUS 2.0

Erik Norgaard norgaard at locolomo.org
Wed Apr 9 15:28:27 CEST 2008


Hi:

I run FreeRADIUS 2.0 for EAP-TLS authentication on my wireless network, 
it works fine in my test setup but there are some pieces missing I can't 
figure out:

1. I'd like to add support for more than one root certificate
2. I'd like to log the certificate's distinguished name
3. I'd like to add a LDAP backend for further authentication

The point is that I don't mind sharing my network as long as I know who 
people are, and it would release me of some certificate management if I 
can just add CA certificates.

I'd like to log the distinguished name, as it is better when multiple 
CAs are used. It would be nice too, also to store a copy of any user 
certificate submitted, or log both email, distinguished name and 
possibly certificate serial number.

I'd like the LDAP backend in order to add extra information for each 
user and possibly block a user without revoking the certificate, and 
other management tasks.

Is this possible?

Thanks, Erik

-- 
Erik Nørgaard
Ph: +34.666334818                           http://www.locolomo.org



More information about the Freeradius-Users mailing list