kas mataz wrote: > Due to acquisition of companies, we now need to support multiple Certificate > Authorities.
See "CA_path". Certificates in that directory are allowed CA's. > Wireless is successful in v2.0.5 using EAP-TLS with one eap instance for > Company1, but when > I add a second eap instance for Company2, eap fails for Company1. Don't add a second EAP instance. > Is there a means to evaluate the certificate Issuer in the early part of the > communication using a unlang statement? > Is there a specific key word to use for the certificate issuer? No. Use CA_path, and ensure that the "c_rehash" program is used to do the various OpenSSL magic... Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html