TLS certificates authorities.

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Thu Sep 8 19:43:18 CEST 2016


Hi,

> I'm using EAP-TTPS+PAP for authentication. Are there any way to prevent
> WiFi SSID spoofing without distributing my own CA certificate? Does it make
> a sense to sign my server key with any of the public CA and what should I
> supply as CN for such key?

use your own CA...as for distributing it - it wil be installed with an 802.1X
profile deployment tool....which *especially* for EAP-TTLS/PAP you should
be using  (because clients REALLY need to be configured correctly/securely
when using that method!)

alan


More information about the Freeradius-Users mailing list