Hi,
Currently we have 1000´s of users self-signed certificates (EAP-TLS),
and we´re planning to move our main authentication method to PEAP, but
keeping the certificates in use while valid.
To avoid the need of installing our CA certificate on every Windows
machine, we´ll buy the server
Hi, thanks for you reply (extensive to the others),
Just put both CAs in the directory pointed to by CA_path.
Curently my CA_path is where my users certificates are stored.
I thought I had to offer a different server certificate to the user. I
was able to make it work (PEAP only, not the TLS)
Hi Mathieu, thanks for your reply.
It´s not clear to me what exactly has to be done.
So, I´ll place both server certificates inside the certificate_file,
correct? Do I declare it only under the 'tls' section (not on the peap)?
How does FR knows which certificate for each method?
How do I declare
Got it now, as you said.
Using the public CA certs on certificate_file (and related private key),
and included the public CA chain on the CA_file (together with my own
CA). Still needs more testing (in more enviroments), but seems to be
working.
Thanks!
Check the difference of CA_file
4 matches
Mail list logo
