Can freeradius support multiple client CA certificates?

John Dennis jdennis at redhat.com
Mon Jun 21 18:19:56 CEST 2010


On 06/21/2010 12:00 PM, Zhang, Ge (Gina) wrote:
> Hi list,
>
> Is it possible to support multiple client CA certificates?
> Suppose we want to support different customer groups. Each group has
> its own CA certificate. Can freeradius support that?

Yes, if the CA's are in a bundle set CA_file in eap.conf, if they are 
individual in a directory set CA_path instead.

If you don't understand the above read some OpenSSL documentation,

man SSL_CTX_load_verify_locations

would be a good place to start.

-- 
John Dennis <jdennis at redhat.com>

Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



More information about the Freeradius-Users mailing list