Help with configuring client certificates for peap or ttls

Vacheslav m_zouhairy at skno.by
Fri Sep 15 09:40:20 CEST 2017


>I have free radius 3.0.14 and I managed to authenticate using peap and 
>ttls using the self signed server certificate. I tried to push it 
>further with requiring client certificates but that didn't work.

>Pretty much no supplicants support using client certificates with PEAP or >EAP-TTLS, so unfortunately it won't work. I think wpa-supplicant is the only >one that will.
Thank you very much for clearing this up, I struggled days and was sure it's a bug. I'm using wired dot1x so wpa isn't an option as I think that's for wireless.

>For client certificates on Windows you have to use EAP-TLS.
I wanted them to have a certificate + username and password, I think I'll have to settle for server certificate + username and password.
--
Matthew

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html





More information about the Freeradius-Users mailing list