clarification on eap configuration files and certificates
Marco Santantonio
marco.santantonio at unito.it
Wed Jun 19 15:04:19 CEST 2019
hi all,
I have some doubts about eap module configuration file.
In my organization we use a public CA for radius server certificates. The
freeradius version is 3.0.12 from debian stable repository.
What's the difference between:
1) setting only the server certificate in "certificate_file" and using
"ca_file" to indicate the certificate of authority that issued
"certificate_file"
OR
2) set in "certificate_file" not only the server certificate, but also all
of the CA certificates used to sign the server certificate and comment
"ca_file" (this is my current configuration)
I ask you this question because the ultimate goal is to deny use of EAP-TLS
and allow only PEAP.
I have read various posts with different solutions and I am a bit confused.
Thank you!
Marco
--
****************************************
Marco Santantonio
Direzione Sistemi Informativi, Portale, E-learning
Sezione Fonia, VoIP e WiFi
www.unito.it
****************************************
More information about the Freeradius-Users
mailing list