>2)or only ca certificate + client certificate ? > >the second case the linkage between the ca and client doesnt exist ( as you >said "is the server the issuer of the client`s certificate" ). >
Link is not needed. Server checks the client certificate to see if it's issued by the server (certificate). Client checks server certificate to see if it's issued by a *known and trusted" CA. Nothing checks client certificate against the CA. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
