understanding the process of setting up eap-tls server/client certs

Michael Martinez mwtzzz at gmail.com
Sun Mar 20 17:55:42 CET 2016


One thing I forgot to mention in the previous discourse, is that I'm
assuming that eapol_test does not send the client private key over the
wire in the case where you give it a single file that contains both
the client cert and private key. Hopefully it parses out the cert and
only transmits that to the radius server.

Other thing, just so people are aware, I tried testing this with
jradius but it didn't work. It gets like halfway into the EAP-TLS
dialogue, but when radius requests the client certificate, Jradius
fails to send it. So there's some sort of bug in Jradius. Not
suprising, it looks like the last time their code was updated was in
2004.


More information about the Freeradius-Users mailing list