an overview you can read is located at http://wildbill.nulldevice.net/presentations/sslpreso/
2009/3/23 orion <meshkr...@gmail.com> > hi, > its all about being authenticated as a known part. > if A knows B as a trusted part and B have issued a certificate for C then A > will trust C. > > the server certificate is issued by the CA ( certificate authority. ) > > the client needs to have the certificate of the CA ( not the server > certificate issued from the CA ) > > the mschap v2, tls,ttls, are methods of authentication(encryption). > > the eap-ttls doesnt requires that the client have a certificate on its > own.so you need the ca certificate and the server certificate. > > 2009/3/23 Tomas <tomas.rad...@googlemail.com> > > Dear all, >> I'd appreciate if somebody could please explain me the meaning of >> certificates. I had a look at certs/README, but some things are still >> unclear. >> As far as I know there are 3 types of certificates on FreeRADIUS: >> * ROOT CA >> * Server >> * Client >> >> What is the purpose of each of them? I know that ROOT CA is required to >> allow EAP-TLS, PEAP or EAP-TTLS. Would not having ROOT CA imported on >> 802.1x supplicant mean that EAP will be just EAP or PEAP etc.? What does >> ROOT CA do? >> What is the purpose of server certificate? How is that linked with >> MSCHAP v2? I remember I could not authenticate xp host with users file >> without generating certificates first. >> And lastly Client certificate, would I need to install this on a client >> PC, what do I get with that? >> >> What are the benefits of using certificates? >> >> Thanks very much for your help. >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> > >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html