Sharing a client cert for EAP-TLS with many identical devices?

Phil Mayers p.mayers at
Thu May 7 16:22:07 CEST 2015

On 07/05/15 14:41, Martin Pauly wrote:

> against FR. Now my question: Do I definitely need 140 client certs
> to deploy them on the iPads or could I get along with one cert for #
> all?

Obviously it's possible to do this. But it's a bad idea. Don't do it.

The major effort involved in using client certs is actually deploying 
them to the devices, and using a single cert doesn't help you here.

Actually generating certs is low cost, if you're using a private CA as 
you should be for this application.

More information about the Freeradius-Users mailing list