Hi!
We are using 802.1X EAP TTLS to Authenticate Phones in our network. It is
working, but after seeing a tcpdump, the Radius Server is sending all known
CA Certificates to the Client during EAP TLS Negotiation.
Our Config looks like this:
private_key_file = ${certdir}/radius_server.key
Daniel Finger wrote:
We are using 802.1X EAP TTLS to Authenticate Phones in our network. It is
working, but after seeing a tcpdump, the Radius Server is sending all known
CA Certificates to the Client during EAP TLS Negotiation.
That's largely how EAP-TLS works.
CA_file =
Hi!
As far as I can see the Server does not send the full certificates, but only
announces the certificates the server knows. I did not read the RFC yet, but
I assume that this only informs the client which certificates can be
requested to verify the server certificate chain.
Am 04.01.2012
3 matches
Mail list logo