self-signed root CA
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Thu Jan 26 10:15:30 CET 2012
hi,
self-signed CA. the authentication is a closed-loop system. the only people
that need to trust your RADIUS server for authentication are your own
users (unlike eg a public web server). you have full control of your
own CA..and know its policies. With an external CA you are a slave to their
reputation and policies...wouldnt it be nice to come in on a monday
morning and find your CA had been removed by the OS as happened recently...
The issue is with the distribution/installation of that CA - but you already
say you have that covered..so great! :-)
alan
More information about the Freeradius-Users
mailing list