Force CA validation

Lech Karol Pawłaszek ike at szluug.org
Thu Nov 26 13:06:45 CET 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Fernando Calvelo Vazquez wrote:
> How can I force the CA validation on a EAP-TTLS configuration.
> If in my Windows-Supplicant software I select the CA validation, it
> works. But if remove it, and I use only the User-Credentials
> Authentication part... it works also.
> I would like to force that the CA certification Authentication part must
> be mandatory also.

Use EAP-TLS. It requires client-side certificate.

Kind regards,

- --
Lech Karol Pawłaszek <ike>
"You will never see me fall from grace" [KoRn]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.12 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJLDm9UAAoJEAinxibr2rgG/PMIAKpMnoFhDRECRyK1lywIaVD/
mVwrbDRwIBNYE8/YGPZF3Xq7ZZCWkFQALU6Pk7drnzHU5yWRYPbNugkPw3I4Ps8D
voAU2WxDUAa4rxW4dEG/6QeimUPPp/fN3dYf336ww+j/7Zd5TgYdWsFah37rbksF
3WzaIen69RsmHZMSJo2Jt0ujJfzEWYTFdvIGZF76kqUXor+P7Lm4fONJmUBSVZiA
eImBj7m8c2TdPBMmwyl9iO6+sf6k8ivU79q7INeA5lV+JKclp2hw3Dd/rhWp5Ff9
rcj3fdTpvMEHZk/8QHf8vc0LYo/ZJ1+BY2K23Pa4ya0F9bfRuO0VAfn+teMqKSY=
=wNt4
-----END PGP SIGNATURE-----



More information about the Freeradius-Users mailing list