Mathieu Simon wrote:
Telling students how to install a internal CA root isn't going to work,
it already
didn't work for teachers in the past ...
Yes. That is a problem.
But allowing only (internal) devices with certs from the internal CA
through CA_file
would allow us to more easily
G'day
As a (hopefully) answer-able question to those experienced with EAP-TLS
that I've
been twisting my brain:
Usually I've seen example for EAP-TLS setups that used a server-side
certificate
issued from the same CA as the one it should allow EAP-TLS clients who
present
their certificate to FR.
Mathieu Simon wrote:
Usually I've seen example for EAP-TLS setups that used a server-side
certificate
issued from the same CA as the one it should allow EAP-TLS clients who
present
their certificate to FR.
Yes.
Am I guessing correctly that CA_file can contain a different list of CA(s)
Hi
Am 11.04.2013 20:08, schrieb Alan DeKok:
snip!
The real-life example would be that people could use PEAP-MSCHAPv2 for
credential-based logins (server certificate being signed by a trusted
external CA)
While that works, it's not recommended. It means that the client will
trust *any*
4 matches
Mail list logo