Certificate push for eap-tls clients

Franks Andy (RLZ) IT Systems Engineer Andy.Franks at sath.nhs.uk
Wed Jun 25 13:21:48 CEST 2014

Hi All,
  I've had a look around and couldn't find much information about how to
do this, so thought I'd maybe try my luck here!
In a demonstration of clearpass (Aruba radius product) one nice thing it
did was send certificates direct to clients (or made a webpage available
with a cert download link). Does anyone know whether this is possible in
some way with a freeradius based radius system? 
Unfortunately we don't run an openssl / tinyca etc based CA, it's AD
based and I have no control over that, and we also need to stick with
TLS rather than another method of PEAP like mschapv2.
I'm not aware of an exposed api, apart from the obvious web based,
interactive one that exists with an MS CA. Anything else presumably
couldn't be controlled via linux anyway..
Any ideas?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140625/ded1273c/attachment.html>

More information about the Freeradius-Users mailing list