Force CA validation

tnt at kalik.net tnt at kalik.net
Thu Nov 26 19:30:15 CET 2009


> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Fernando Calvelo Vazquez wrote:
>> How can I force the CA validation on a EAP-TTLS configuration.
>> If in my Windows-Supplicant software I select the CA validation, it
>> works. But if remove it, and I use only the User-Credentials
>> Authentication part... it works also.
>> I would like to force that the CA certification Authentication part must
>> be mandatory also.
>
> Use EAP-TLS. It requires client-side certificate.

You can avoid CA validation for EAP-TLS in the same way.

Ivan Kalik




More information about the Freeradius-Users mailing list