Radius + EAP-TLS + LDAP
Alan DeKok
aland at deployingradius.com
Mon Jul 7 19:05:40 CEST 2008
Paweł Klisiewicz wrote:
> Is it possible to setup EAP-TLS based authentication without using third
> part CA for signing certificates ?
No.
> so basically, keep users Public key's
> (not certificates) in LDAP and make radius to retrieve them from there
> and authenticate users in this way using just pair of public and private
> key ?
No. EAP-TLS requires access to the CA key. Having access to the
user's public key doesn't help.
Alan DeKok.
More information about the Freeradius-Users
mailing list