Re: Question on certificates before deep dive into EAP-TLS

2013-04-12 Thread Alan DeKok
Mathieu Simon wrote:
> Telling students how to install an internal CA root isn't going to work,
> it already didn't work for teachers in the past ...

Yes. That is a problem.

> But allowing only (internal) devices with certs from the internal CA
> through CA_file would allow us to more easil

Re: Question on certificates before deep dive into EAP-TLS

2013-04-11 Thread Mathieu Simon
Hi

On 11.04.2013 20:08, Alan DeKok wrote:
>> The real-life example would be that people could use PEAP-MSCHAPv2 for
>> credential-based logins (server certificate being signed by a "trusted"
>> external CA)
> While that works, it's not recommended. It means that the client will
> trust *an

Re: Question on certificates before deep dive into EAP-TLS

2013-04-11 Thread Alan DeKok
Mathieu Simon wrote:
> Usually I've seen examples for EAP-TLS setups that used a server-side
> certificate issued from the same CA as the one it should allow EAP-TLS
> clients who present their certificate to FR.

Yes.

> Am I guessing correctly that CA_file can contain a different list of CA(

Question on certificates before deep dive into EAP-TLS

2013-04-11 Thread Mathieu Simon
G'day

As a (hopefully) answerable question to those experienced with EAP-TLS that I've been twisting my brain over: Usually I've seen examples for EAP-TLS setups that used a server-side certificate issued from the same CA as the one it should allow EAP-TLS clients who present their certificate to FR.