Can freeradius support multiple client CA certificates?

John Dennis jdennis at
Mon Jun 21 18:19:56 CEST 2010

On 06/21/2010 12:00 PM, Zhang, Ge (Gina) wrote:
> Hi list,
> Is it possible to support multiple client CA certificates?
> Suppose we want to support different customer groups. Each group has
> its own CA certificate. Can freeradius support that?

Yes, if the CA's are in a bundle set CA_file in eap.conf, if they are 
individual in a directory set CA_path instead.

If you don't understand the above read some OpenSSL documentation,

man SSL_CTX_load_verify_locations

would be a good place to start.

John Dennis <jdennis at>

Looking to carve out IT costs?

More information about the Freeradius-Users mailing list