About the file pointed at by setting "certificate_file"

Alan DeKok aland at deployingradius.com
Mon Sep 8 15:33:43 CEST 2014

Axel Luttgens wrote:
> Reading that part of the comments:

  Those comments are old, and don't apply to v3.  I've removed them.

> I was under the impression that EAP-TLS authentication attempts wouldn't be allowed by FR when commenting out the "ca_file = ..." line.

  I was under the impression that I already described how EAP-TLS works
in v3.

> Since I currently haven't made any provision for EAP-TLS (handling of client certificates and so on), this could perhaps be a good thing.

  I already said EAP-TLS works by creating client certs.  If you're not
creating client certs, then EAP-TLS won't work.

  Please READ my messages.

  Alan DeKok.

More information about the Freeradius-Users mailing list