PEAP using different CA?
Fernando Hammerli
fhammerli at puc-rio.br
Wed Jul 10 19:47:55 CEST 2013
Hi Mathieu, thanks for your reply.
It´s not clear to me what exactly has to be done.
So, I´ll place both server certificates inside the certificate_file,
correct? Do I declare it only under the 'tls' section (not on the peap)?
How does FR knows which certificate for each method?
How do I declare both private keys?
Sorry for my stupid questions.
Thanks,
Fernando.
Em 10/07/2013 10:44, Mathieu Simon escreveu:
> Hi
>
> As a possible hint since your question sounds similar to an issue I had:
>
> I was looking to provide a server-side certificate to my clients from
> a public CA
> but only allow clients to authenticate via EAP-TLS when presenting a
> cert from our
> internal CA which avoids the misconfiguration to trust any certificate
> issued by the public CA.
>
> Check the difference of CA_file (containing root CA cert of your
> internal CA), but set server cert
> (including cert chain) inside certificate_file.
>
> (http://lists.freeradius.org/pipermail/freeradius-users/2013-April/065990.html)
>
> Regards,
> Mathieu
>
>
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130710/dcb6bc61/attachment.html>
More information about the Freeradius-Users
mailing list