EAP-TLS with multiple certificates
alexmorozenko at gmail.com
Fri Jul 13 17:08:05 CEST 2018
I'm using freeradius-3.0.15 on ubuntu 16.04.
I manage one SSID with WPA2-Enterprise based on certificates.
My idea is to issue user certificates signed by different CAs, then user to
vlan based on an user certificate issuer.
I use default server with eap module that requests check-eap-tls site to
check TLS-Client-Cert-Issuer attribute.
Also I changed /etc/freeradius/mods-config/files/authorize to reflect vlan
id depending on issuer.
Tell me please is it right thinking and is it possible at all?
Earlier I tried to create two eap modules but no success yet.
Best regards, Alex Morozenko
More information about the Freeradius-Users