[EMAIL PROTECTED] wrote:
> I did read that, but I was trying to reject TLS. It also says, "If you
> do not use client certificates, and you do not want to permit EAP-TLS
> authentication, then delete this configuration item", referring to
> CA_file. I just want to point out that it appears you can't actually
> delete that, although it would have been an intuitive way to deny
> EAP-TLS. Hopefully, that was the original intent.
It also says:
# If CA_file (below) is not used, then the
# certificate_file below MUST include not
# only the server certificate, but ALSO all
# of the CA certificates used to sign the
# server certificate.
Please read ALL of the comments in a module you are configuring.
Selectively reading them means that you miss vital information.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
