TTLS+PAP with Windows

A.L.M.Buxey at A.L.M.Buxey at
Wed Mar 15 21:44:34 CET 2017


> wrong. It should clearly say that you should run your own single-purpose EAP CA and
> distribute the EAP CA's public-key certificate in all your client configurations.

exactly. +1 - a CA that is only used for purpose of RADIUS authentication (EAP methods). 
not to be used for signing web certs or anything else. that would be defined in the CA policy.


More information about the Freeradius-Users mailing list