Hi all,
Is there any way to configure free radius + eap-tls module to avoid to send
CA certificate during EAP-TLS negotiation? As Free Radius is sending it
right now EAP-TLS packets get fragmented and I would like to avoid it.
Thanks in advance.
-
List info/subscribe/unsubscribe? See
optionally be omitted from the
chain, under the assumption that the remote end must already
possess it in order to validate it in any case.
==
Benjamin K. Eshun
- Message d'origine
De : Rafa Marin [EMAIL PROTECTED]
À : freeradius
Hi Alan,
err, no. you need to handle those fragmented packets. where is it failing,
on your network or more
remotely?
Actually, it is not failing. I got a successful authentication I was only
trying to avoid fragmentation if possible.
EAP-TLS places much larger demands on the packet sizes
did). But my immediate question
is how the server is supposed to verify client certificate if we don't
configure any CA certificate?.
i.e. don't put ca certificates of the chain into that file.
I don't know how to prevent the client from sending CA path
certificates
Rafa Marin wrote:
Hi
4 matches
Mail list logo
