Double check of sanity with PEAP setup

Alberto Martínez Setién alberto.martinez at
Fri Dec 13 10:42:19 CET 2019

Hi Adam.

Clients installing a cert is a non-starter....there is no way with the
> amount of visitors.

I hope you are not talking about eduroam, and eduroam visitors.

> So is a CA signed TLS cert correct for PEAP auth or am I not understanding
> something in the documentation?

The question you should be asking yourself is: Are you sure that your
users' supplicants are checking the server cert Subject? Could they be
fooled by any cert  signed under the same CA certificate?


More information about the Freeradius-Users mailing list