eap-tls certificates

Munroe Sollog mus3 at lehigh.edu
Fri Oct 8 16:41:08 CEST 2021

I'm reading:

It mentions,

"You need to edit client.cnf only if you are using EAP-TLS. If not, then
that file can be left as-is."

Though it doesn't say, I'm assuming i need to edit the [req] and [client]
sections?  For the [client] section, do I need an entry for every unique
client I plan on deploying a certificate to?  I'm asking because I don't
understand the emailAddress and commonName fields in this context.

Finally, is there any documentation on how to scale this solution up to
support 15k-20k users?  I'm hoping something like LDAP or RDBMS is an

Munroe Sollog (He/Him/His)
Network Architect
munroe at lehigh.edu

More information about the Freeradius-Users mailing list