TLS client and server certificates
Alan DeKok
aland at deployingradius.com
Fri Feb 2 13:47:47 CET 2018
On Feb 2, 2018, at 7:46 AM, wouldsmina <wouldsmina at gmail.com> wrote:
>
> Certificates (certificate_file, private_key_file, and ca_file) are needed
> to establish the EAP tunnel (with peap or ttls).
Yes... that *is* how it works.
> I corrected my problem by removing the tls {} section into mods_enables/eap
> file... No tls, no problem (for me) :)
Well, maybe.
If you don't want to use EAP-TLS, then you shouldn't issue client certificates.
And please DO NOT use the "sample" certificates in a production environment. They're only for testing.
Alan DeKok.
More information about the Freeradius-Users
mailing list