[PacketFence-users] Cert question: 802.1x windows authentication

Tue, 14 Jan 2014 10:55:47 -0800 

In a windows 802.1x standard implementation, have any of you been able to 
successfully implement the certificate check for 802.1x via PF?

Looks like the digital certificate used for freeradius needs to be updated to a 
trusted CA for this to occur.  Have any of you had success creating a CSR 
process to do this?

Is the cert used listed under /usr/local/pf/conf/radius/eap.conf?  I'm not sure 
how to generate this correctly.

eap {
        default_eap_type = peap
        timer_expire     = 60
        ignore_unknown_eap_types = no
        cisco_accounting_username_bug = no
        max_sessions = 2048
        md5 {
        }
        tls {
                certdir = ${confdir}/certs
                cadir = ${confdir}/certs
                private_key_file = /usr/local/pf/conf/ssl/server.key
                certificate_file = /usr/local/pf/conf/ssl/server.crt
                dh_file = ${certdir}/dh
                random_file = ${certdir}/random
                cipher_list = "DEFAULT"
                make_cert_command = "${certdir}/bootstrap"
                cache {
                        enable = no
                        lifetime = 24 # hours
                        max_entries = 255
                }



**********************************************
Email Disclaimer:

This email, including attachments, may contain
proprietary, confidential or privileged information. If you
are not the intended recipient, please (i) do not use,
disclose, save or retransmit this message or any
attachments, (ii) alert the sender by reply email and (iii)
destroy or delete this message and any attachments.
Delivery of this email to a person other than the intended
recipient(s) shall not constitute a waiver of privilege or
confidentiality.

CP Investments, member FINRA and SIPC, serves as
placement agent for investment products advised by
Canyon Capital Advisors LLC. This email is not intended to
be an offer to sell or a solicitation of an offer to buy any
security in any jurisdiction. We review and retain
electronic communications traveling through our network.

**********************************************
------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today. 
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to