Can freeradius support multiple client CA certificates?
Robert Franklin
rcf34 at cam.ac.uk
Mon Jun 21 22:03:21 CEST 2010
On 21 Jun 2010, at 19:53, John Dennis wrote:
> A (FreeRADIUS) virtual server does not have a different IP address nor would it have different subject names nor subject alt names.
>
> I'm not getting the feeling you understand how PKI works, it might be worthwhile to read up on it.
When testing a new server certificate with a different chain to a new root CA, I set up a separate eap module with different certificates.
The two EAP modules were selected using the realm in the username -- something at cam.ac.uk gave the normal certificates and something at test.cam.ac.uk gave the new ones but used the same backend SQL lookup to find account information.
- Bob
More information about the Freeradius-Users
mailing list