I am running FreeRadius at my company on a WLAN - using SSL key material issued by our internal certificate authority. All is well.
However a pretty big limitation of this security architecture is of course getting the SSL key material onto the devices. In our case - the devices are SIP phones with no wired ethernet connection. I know there are other sites with similar issues. I would like to hear some ideas on what folks are doing to manage SSL key material on devices. This would include initial key provisioning and re-keying when certs expire. Presently ours expire every 90 days. Thoughts? -- Matt - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
