Double check of sanity with PEAP setup
Alberto Martínez Setién
alberto.martinez at deusto.es
Fri Dec 13 10:42:19 CET 2019
Hi Adam.
Clients installing a cert is a non-starter....there is no way with the
> amount of visitors.
>
I hope you are not talking about eduroam, and eduroam visitors.
> So is a CA signed TLS cert correct for PEAP auth or am I not understanding
> something in the documentation?
>
The question you should be asking yourself is: Are you sure that your
users' supplicants are checking the server cert Subject? Could they be
fooled by any cert signed under the same CA certificate?
Regards,
Alberto
More information about the Freeradius-Users
mailing list