Disable PEAP-TLS but allow PEAP

alan buxey A.L.M.Buxey at lboro.ac.uk
Tue Aug 14 17:38:15 CEST 2012

> That was a typo. I meant EAP-TLS.

this is easy to fix.

concatenate your RADIUS server and CA (and any intermediates) into
one file.

call that file in the

certificate_file =


then comment out

CA_file =

this is clearly documented:

			#  This parameter is used only for EAP-TLS,
			#  when you issue client certificates.  If you do
			#  not use client certificates, and you do not want
			#  to permit EAP-TLS authentication, then delete
			#  this configuration item.

More information about the Freeradius-Users mailing list