> How do you get the certificates on the device in the first place? Well - that's the problem. I would like for there be a USB cable method of putting the key material on the device. Then we could build some nifty client script to automate the provisioning. But these devices in particular don't have that.
As it is - we need to setup some ad-hoc or other non-routed WLAN with PSK or WEP security, put the device(s) on there and at that point the devices can pull the certs down via http or tftp. So, here's how it goes in our test environment. We have the 'production' WLAN which must remain WPA2/EAP-TLS. For compliance there is no flexibility of the security of that WLAN. *sigh* OK no worries it makes it a cool problem to solve. :-) So I've just got a laptop temporarily setup with a little ad-hoc network for provisioning the phones via tftp. These will be in a dozen remote locations so I need to build a solution enabling rapid provisioning of the devices with minimal local technical oversight. -- Matt - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
