EAP-TLS

Henrik Schack henrik at schack.dk
Sun Jun 6 11:11:43 CEST 2021


Yes, I have come that far, but my Mac still wants to do some
username/password authentication on top of that.
I have the CA running, CA cert on my Mac, and a client cert installed as
well.

Br
Henrik


On Sun, Jun 6, 2021 at 11:07 AM Michael Schwartzkopff <ms at sys4.de> wrote:

> On 06.06.21 11:00, Henrik Schack via Freeradius-Users wrote:
> > Great, you wouldn't happen to have a configuration example ?
> >
> > /Henrik
> >
> > On Sun, Jun 6, 2021 at 10:42 AM Michael Schwartzkopff <ms at sys4.de>
> wrote:
> >
> >> On 06.06.21 10:14, Henrik Schack via Freeradius-Users wrote:
> >>> Hi
> >>> Is it possible to configure Freeradius to require only a valid TLS
> client
> >>> cert created by own CA, in order to get an ACCEPT ?
> >>>
> >>> /Henrik
> >>> -
> >>> List info/subscribe/unsubscribe? See
> >> http://www.freeradius.org/list/users.html
> >>
> >>
> >> Yes.
> >>
>
> See sections tls-common and tls in the eap module.
>
> Basically you have to enter the data about your CA and your server cert.
>
> Mit freundlichen Grüßen,
>
> --
>
> [*] sys4 AG
>
> https://sys4.de, +49 (89) 30 90 46 64
> Schleißheimer Straße 26/MG,80333 München
>
> Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
> Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
> Aufsichtsratsvorsitzender: Florian Kirstein
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html



-- 
Mvh/Best regards
Henrik Schack
Twitter: http://twitter.com/schack


More information about the Freeradius-Users mailing list