WPA2-Entreprise: which certificate to avoid changing Validate server certificate for Windows guest ?

Alan DeKok aland at deployingradius.com
Mon Sep 10 13:16:50 CEST 2018

On Sep 10, 2018, at 3:58 AM, Olivier <Olivier.Nicole at cs.ait.ac.th> wrote:
> It seems that the list of trusted roots for WAP2 is different from the
> list of trusted roots used by your browser.

  The list is the same.  But the roots are *not* trusted by default for 802.1X.

> If your goal is just to let the user validate the certificate, instead
> of modifying the connection (it is tricky and error prone) just let them
> manually validate the certificate the first time they connect, it is
> faster. easier and goes in the flow.

  That is the easiest way.

  Alan DeKok.

More information about the Freeradius-Users mailing list