Dear all, I'd appreciate if somebody could please explain me the meaning of certificates. I had a look at certs/README, but some things are still unclear. As far as I know there are 3 types of certificates on FreeRADIUS: * ROOT CA * Server * Client
What is the purpose of each of them? I know that ROOT CA is required to allow EAP-TLS, PEAP or EAP-TTLS. Would not having ROOT CA imported on 802.1x supplicant mean that EAP will be just EAP or PEAP etc.? What does ROOT CA do? What is the purpose of server certificate? How is that linked with MSCHAP v2? I remember I could not authenticate xp host with users file without generating certificates first. And lastly Client certificate, would I need to install this on a client PC, what do I get with that? What are the benefits of using certificates? Thanks very much for your help. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html