On 2/6/2013 3:16 PM, Dave Click wrote: > Is it possible to create one certificate for 20 users to share since > they will also authenticate against the Radius server ?
You can do 'auth only' which does not require a certificate. Using TLS with that is a little better. If you want proper SSL/TLS+Auth, you need individual user certificates. There is a 'duplicate connections' option but the first time someone loses their laptop or phone, or quits, you'll have to reissue a new client to everyone rather than just revoking their certificate. Otherwise, if you take no action when someone's certificate is compromised, you may as well not use certificates and just do user auth+TLS. Jim _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
