Why exactly do you want to do this instead of using standardized EAP- 
TLS?  You'll have to write your own code upates to FreeRADIUS, and I  
know of *no* supplicants that will operate in this fashion.  Seems  
like a lot more trouble than using what's already there, especially  
when you get into situations like where the certificate won't fit  
into one EAPOL packet, which is constrained by the MTU.

--Mike


On Mar 7, 2007, at 12:53 PM, Diameter K wrote:

> Hi All,
>        I want to configure free-radius to handle a simple EAP  
> described below.
>
> 1. Radius receives a IDENTITY message. The IDENTITY message  
> contains a encrypted certificate.
> 2. The server decrypts and validates the Certificate and send out a  
> EAP-Success or EAP-Failure.
>
> Is there any way i can configure freeradius to achieve this flow or  
> would i have to modify the code.  As i understand the standard  
> flows are much more complicated(with challenge), which i dont want.
>
>
> Thanks & Regards,
> Shiv
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/ 
> users.html

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to