EAP-TLS Certificate renewal
Alan DeKok
aland at deployingradius.com
Tue Mar 8 18:39:55 UTC 2022
On Mar 8, 2022, at 11:51 AM, Dario Barbon <dbarbon at olicom.eu> wrote:
> I've setup Freeradius EAP-TLS for Android device following this tutorial by Techtalk (https://techtalkblog.ch/ubuntu-18-04-freeradius-v3-wifi-authentication/).
> The first certificate I've issued will expire next July: Is there a way to extend the life of this certificate?
Not really. You just issue a new one.
> What are the best practices to manage certificates under Freeradius environment?
Pretty much the same as anything else which uses certificates.
* Keep the private keys secure
* if you use your own CA, make the certificate lifetimes reasonably long
* getting the certs onto the client devices can be a paid, tho recent WBA changes make that easier.
Alan DeKok.
More information about the Freeradius-Users
mailing list