TLS client and server certificates
Vacheslav
m_zouhairy at skno.by
Fri Feb 2 13:53:09 CET 2018
I want to use client certificates, so I must only authenticate on EAP-TLS?
-----Original Message-----
From: Freeradius-Users [mailto:freeradius-users-bounces+m_zouhairy=skno.by at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: Friday, February 2, 2018 3:48 PM
To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Subject: Re: TLS client and server certificates
On Feb 2, 2018, at 7:46 AM, wouldsmina <wouldsmina at gmail.com> wrote:
>
> Certificates (certificate_file, private_key_file, and ca_file) are
> needed to establish the EAP tunnel (with peap or ttls).
> Yes... that *is* how it works.
> I corrected my problem by removing the tls {} section into
> mods_enables/eap file... No tls, no problem (for me) :)
> Well, maybe.
> If you don't want to use EAP-TLS, then you shouldn't issue client certificates.
> And please DO NOT use the "sample" certificates in a production environment. They're only for testing.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list