Paul In the RFC 5216 I see: The EAP server will then respond with an EAP-Request packet with AP-Type=EAP-TLS. The data field of this packet will encapsulate one or more TLS records. These will contain a TLS server_hello handshake message, possibly followed by TLS certificate
This leads to believe that certificate is not mandatory ? Regards Zeev -----Original Message----- From: freeradius-users-bounces+zlubensk=lgsinnovations....@lists.freeradius.org [mailto:freeradius-users-bounces+zlubensk=lgsinnovations....@lists.freeradius.org] On Behalf Of Phil Mayers Sent: Wednesday, June 01, 2011 2:58 PM To: freeradius-users@lists.freeradius.org Subject: Re: Server Sertificate On 06/01/2011 08:28 PM, Lubenski, Zeev [GCS] wrote: > We use EAP-TLS method, but in the Server Hello message don't want to > send the certificate. How can it be disabled > It can't. EAP-TLS requires a server certificate and a client certificate. Neither are optional, and neither can be disabled. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html