per client certificate

Ivan Kalik tnt at kalik.net
Mon Aug 18 11:06:44 CEST 2008


Read openssl manual about client revocation list.There is a field for CRL
in tls section of eap.conf.

Ivan Kalik
Kalik Informatika ISP


Dana 18/8/2008, "Tomoki Taniguchi" <tomoki.taniguchi at gmail.com> piše:

>alan,
>  thank you for your help.  I was wondering if this setup will allow me to
>revoke individual "client" certificates on the server side (when the
>laptop is stolen) without
>affecting the other certificates (both "cleint" and "server" certificates).
>
>TIA,
>Tomoki
>
>On Mon, Aug 18, 2008 at 2:38 PM, Alan DeKok <aland at deployingradius.com> wrote:
>> Tomoki Taniguchi wrote:
>>> Is there a way to setup freeradius with EAP so that each wifi-client
>>> has their own certificate to connect to the wifi network?
>>
>>  This is EAP-TLS.  See the EAP-TLS howto on the web site.
>>
>>> i want to be able to just disable a specific certificate if one one
>>> the laptops is stolen or lost.
>>> but the howtos i have come across so seem to be a setup where all
>>> wifi-clients use the same certificate to authenticate against an
>>> access point.
>>
>>  Each client needs the same *server* certificate.  This is to identify
>> the server.  They can have unique *client* certificates.
>>
>>  Alan DeKok.
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>
>
>
>
>--
>Tomoki Taniguchi
>SKYPE: taiyocable.com_taniguchi_tomoki
>MSN: tomoki_taniguchi at hotmail.com
>YAHOO: tomoki_taniguchi
>AIM: tomoki taniguchi
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>




More information about the Freeradius-Users mailing list