Hi, > Currently we have 1000´s of users self-signed certificates (EAP-TLS), > and we´re planning to move our main authentication method to PEAP, but > keeping the certificates in use while valid. > > To avoid the need of installing our CA certificate on every Windows > machine, we´ll buy the server certificate from a public CA. > Can Freeradius allow me to have both methods at the same time, ie, the > PEAP with the public CA and certificate users with our 'self-signed' CA?
easy /easier with FreeRADIUS 3 as you can define different TLS parameters for each EAP IIRC :-) alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html