TTLS+PAP with Windows

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Wed Mar 15 21:44:34 CET 2017


Hi,

> wrong. It should clearly say that you should run your own single-purpose EAP CA and
> distribute the EAP CA's public-key certificate in all your client configurations.

exactly. +1 - a CA that is only used for purpose of RADIUS authentication (EAP methods). 
not to be used for signing web certs or anything else. that would be defined in the CA policy.

alan


More information about the Freeradius-Users mailing list