freeradius, samba, AD peap/mschap-v2 redundancy and Certificate

John Dennis jdennis at
Wed Sep 15 20:35:49 CEST 2010

On 09/15/2010 02:07 PM, schilling wrote:

> For certificate, do we need a server certificate for both radius1 and
> radius2 if we want supplicant to verify the server certificate?

yes, certificates bind a subject to a public key, in this case the 
subject is the ip address of your radius server. Since you'll be running 
the servers on two different machines for redundancy they will have 
different ip addresses, thus each needs it's own cert.

John Dennis <jdennis at>

Looking to carve out IT costs?

More information about the Freeradius-Users mailing list