Hello, Yes, it would work as long the device has the LE Root Ca installed in the cert store by default.
PacketFence already support LE on RADIUS natively since version 10. Thanks, Ludovic Zammit lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) :: www.inverse.ca <http://www.inverse.ca/> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu <http://www.sogo.nu/>) and PacketFence (http://packetfence.org <http://packetfence.org/>) > On Nov 11, 2020, at 4:30 AM, mj <li...@merit.unu.edu> wrote: > > Hi, > > Please, if I may, one qustion more: > > On 11/9/20 8:47 PM, Ludovic Zammit wrote: >> If it’s the case, one solution to fix it. Issue a certificate on PacketFence >> (RADIUS service) that would be trusted by your clients. Issue a certificate >> from a MS PKI for example (AD CS). > > We are running packetefence with Let's Encrypt certificates for the web > interface. Would it simply work, by using the same (valid) Let's Encrypt > certificate for radius? > > I found this guide: > https://framebyframewifi.net/2017/01/29/use-lets-encrypt-certificates-with-freeradius/ > > And IF it would work like that, where should we add the LE certificate to: > > - /usr/local/pf/conf/radiusd/auth.conf > - /usr/local/pf/conf/radiusd/eap.conf > > Both files? (or are these files overwritten/regenerated on pf restart?) > > (or does a simple Let's Encrypt certificate not work for this specific > purpose?)
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
