PEAP using different CA?

A.L.M.Buxey at A.L.M.Buxey at
Wed Jul 10 14:55:06 CEST 2013


> Currently we have 1000´s of users self-signed certificates (EAP-TLS),
> and we´re planning to move our main authentication method to PEAP, but
> keeping the certificates in use while valid.
> To avoid the need of installing our CA certificate on every Windows
> machine, we´ll buy the server certificate from a public CA.
> Can Freeradius allow me to have both methods at the same time, ie, the
> PEAP with the public CA and certificate users with our 'self-signed' CA?

easy /easier with FreeRADIUS 3 as you can define different TLS parameters
for each EAP IIRC :-)


More information about the Freeradius-Users mailing list