Mathieu Simon wrote:
Telling students how to install a internal CA root isn't going to work,
it already
didn't work for teachers in the past ...
Yes. That is a problem.
But allowing only (internal) devices with certs from the internal CA
through CA_file
would allow us to more easily
G'day
As a (hopefully) answer-able question to those experienced with EAP-TLS
that I've
been twisting my brain:
Usually I've seen example for EAP-TLS setups that used a server-side
certificate
issued from the same CA as the one it should allow EAP-TLS clients who
present
their certificate to FR.
Mathieu Simon wrote:
Usually I've seen example for EAP-TLS setups that used a server-side
certificate
issued from the same CA as the one it should allow EAP-TLS clients who
present
their certificate to FR.
Yes.
Am I guessing correctly that CA_file can contain a different list of CA(s)
Hi
Am 11.04.2013 20:08, schrieb Alan DeKok:
snip!
The real-life example would be that people could use PEAP-MSCHAPv2 for
credential-based logins (server certificate being signed by a trusted
external CA)
While that works, it's not recommended. It means that the client will
trust *any*
Hi,
I'm a little bit confused, I configure radius with self signed cert,
peap+mschap, so if I tried to connect with an android or apple device I
get the question if I want to accept the server cert, thats ok, but with
windows or linux I get the error that there is no cert, but it still
works, why
Andreas Rudat wrote:
I'm a little bit confused, I configure radius with self signed cert,
peap+mschap, so if I tried to connect with an android or apple device I
get the question if I want to accept the server cert, thats ok, but with
windows or linux I get the error that there is no cert, but
6 matches
Mail list logo