need help - force EAP-TTLS to validate the server certificate
Alan DeKok
aland at deployingradius.com
Wed Sep 15 10:47:52 CEST 2010
Klaus Laus wrote:
> Hello, I have one question, is it possible to configure my freeradius server so that only clients with a ca certificate can login themselves with their username and password? I want to configure my freeradius server so that the users can only login after the successfully server certificate validation.
> At the moment I use EAP-TTLS for authentication, but the options in the clients "servercertificate validation" is optional. I want to use EAP-TTLS and force the ca certificate on the clients.
You can't force the client to validate the CA cert. That is a
configuration which needs to be set on the client.
Alan DeKok.
More information about the Freeradius-Users
mailing list