802.1x with GoDaddy Certificates EAP-TTLS
johan firdianto
johanfirdi at gmail.com
Sat Jul 22 15:24:16 UTC 2023
oh Thanks.
I think certificate in web server (ssl) could be used in radius.
but , i look at in android settings, in privacy and security, there is list
of trusted root CA installed. This CA is for browser or for eap ?
Thanks. Regards
Johan
On Thu, Jun 29, 2023 at 9:59 PM Alan DeKok <aland at deployingradius.com>
wrote:
> On Jun 29, 2023, at 10:53 AM, Torsten Wilms <T.Wilms at m3connect.de> wrote:
> > Ok. But we use a GoDaddy G2 certificate. And the supplicant must have
> the root CA
>
> No.
>
> > , because if not, the device would not to be able to validate any
> GoDaddy certificate in the browser ssl connection. Or am I thinking wrong?
>
> "browser" != "supplicant"
>
> While they both run on the same device, they are different pieces of
> software, with different configurations.
>
> If you look for documentation on 802.1X and EAP, *everything* will tell
> you that you need to configure the root CA for EAP. This is how it works.
>
> The reasons are complicated and unimportant here. All that is important
> is that the root CAs used for the web are *not* automatically used for
> EAP. And there are very good reasons for that.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list