Can freeradius support multiple client CA certificates?
Zhang, Ge (Gina)
gina.zhang at alcatel-lucent.com
Mon Jun 21 18:51:32 CEST 2010
John,
Thank you very much for the information! I will try it.
Regards,
Gina
-----Original Message-----
From: John Dennis [mailto:jdennis at redhat.com]
Sent: Monday, June 21, 2010 11:20 AM
To: FreeRadius users mailing list
Cc: Zhang, Ge (Gina)
Subject: Re: Can freeradius support multiple client CA certificates?
On 06/21/2010 12:00 PM, Zhang, Ge (Gina) wrote:
> Hi list,
>
> Is it possible to support multiple client CA certificates?
> Suppose we want to support different customer groups. Each group has
> its own CA certificate. Can freeradius support that?
Yes, if the CA's are in a bundle set CA_file in eap.conf, if they are individual in a directory set CA_path instead.
If you don't understand the above read some OpenSSL documentation,
man SSL_CTX_load_verify_locations
would be a good place to start.
--
John Dennis <jdennis at redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeradius-Users
mailing list