hi
it's a point of view. the certificate can belong to the user or to the machine in the same manner. windows xp explicitly distinguishes that and allows you to use machine credentials when no user info is available or guest credentials when no machine info is available, etc. if you want to authenticate the user, you have to use user certificates and put those in the user cert. repository. that's all and that has nothing to do with freeradius. on freeradius side according to tls no user passwords have to be stored. freeradius does not support ldap for certificate storage for eap/tls at the moment and probably never will (it's actually not very necessary). on the other hand, you question about password has nothing to do with TLS. tls is based in PK crypto, i.e. priv key, cert, etc. if you want a password etc., you should use md5 (hehe) or the (still) proprietary peap perhaps. that has nothing to do with freeradius neither :-) peap will hardly be implemented before its standardization though. ciao artur Beno�t B�cel wrote: > > I don't succeed to install eap-md5 with windows xp, but I succeed with > eap-tls! > But, I can just authenticate the computer with the certificate and I > would like to authenticate the user with a login and a password with LDAP! > > If you have any suggestions to help me .... -- Artur Hecker artur[at]hecker.info - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
