EAP-TLS. If the certificate supplied by the user is signed by the certificate FreeRADIUS is using, then it assumes that the user is OK.
if i understand you correctly, you describe a case where the CA-root certificate and the server certificates are one and the same, don't you?
why not but what is it exactly good for?
ciao artur
-- Artur Hecker artur[at]hecker.info
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html