EAP-TLS

Sun Jun 6 11:07:28 CEST 2021

On 06.06.21 11:00, Henrik Schack via Freeradius-Users wrote:
> Great, you wouldn't happen to have a configuration example ?
>
> /Henrik
>
> On Sun, Jun 6, 2021 at 10:42 AM Michael Schwartzkopff <ms at sys4.de> wrote:
>
>> On 06.06.21 10:14, Henrik Schack via Freeradius-Users wrote:
>>> Hi
>>> Is it possible to configure Freeradius to require only a valid TLS client
>>> cert created by own CA, in order to get an ACCEPT ?
>>>
>>> /Henrik
>>> -
>>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>>
>> Yes.
>>

See sections tls-common and tls in the eap module.

Basically you have to enter the data about your CA and your server cert.

Mit freundlichen Grüßen,

-- 

[*] sys4 AG

https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG,80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Aufsichtsratsvorsitzender: Florian Kirstein