Server Sertificate
Lubenski, Zeev [GCS]
zlubensk at LGSInnovations.com
Wed Jun 1 22:07:26 CEST 2011
Paul
In the RFC 5216 I see:
The EAP server will then respond with an EAP-Request packet with
AP-Type=EAP-TLS. The data field of this packet will encapsulate one
or more TLS records.
These will contain a TLS server_hello handshake
message, possibly followed by TLS certificate
This leads to believe that certificate is not mandatory ?
Regards
Zeev
-----Original Message-----
From: freeradius-users-bounces+zlubensk=lgsinnovations.com at lists.freeradius.org [mailto:freeradius-users-bounces+zlubensk=lgsinnovations.com at lists.freeradius.org] On Behalf Of Phil Mayers
Sent: Wednesday, June 01, 2011 2:58 PM
To: freeradius-users at lists.freeradius.org
Subject: Re: Server Sertificate
On 06/01/2011 08:28 PM, Lubenski, Zeev [GCS] wrote:
> We use EAP-TLS method, but in the Server Hello message don't want to
> send the certificate. How can it be disabled
>
It can't. EAP-TLS requires a server certificate and a client
certificate. Neither are optional, and neither can be disabled.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list