EAP-TLS with multiple certificates

Алексей Морозенко alexmorozenko at gmail.com
Fri Jul 13 17:08:05 CEST 2018

Hello everyone.
I'm using freeradius-3.0.15 on ubuntu 16.04.
I manage one SSID with WPA2-Enterprise based on certificates.
My idea is to issue user certificates signed by different CAs, then user to
vlan based on an user certificate issuer.

I use default server with eap module that requests check-eap-tls site to
check TLS-Client-Cert-Issuer attribute.

Also I changed /etc/freeradius/mods-config/files/authorize to reflect vlan
id depending on issuer.

Tell me please is it right thinking and is it possible at all?

Earlier I tried to create two eap modules but no success yet.

Best regards, Alex Morozenko

More information about the Freeradius-Users mailing list