Re: Server Sertificate

2011-06-02 Thread senthil kumar
Hi, Can you send me some sample Server.cnf and Client.cnf files. I am facing some problem with the certificates. Regards Senthil On Thu, Jun 2, 2011 at 1:51 AM, Alexander Clouter a...@digriz.org.ukwrote: Lubenski, Zeev [GCS] zlube...@lgsinnovations.com wrote: This leads to believe

Re: Server Sertificate

2011-06-02 Thread Alan DeKok
senthil kumar wrote: Hi, Can you send me some sample Server.cnf and Client.cnf files. I am facing some problem with the certificates. See raddb/certs. This is documented. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Server Sertificate

2011-06-01 Thread Lubenski, Zeev [GCS]
We use EAP-TLS method, but in the Server Hello message don't want to send the certificate. How can it be disabled - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Server Sertificate

2011-06-01 Thread Lubenski, Zeev [GCS]
We use EAP-TLS method, but in the Server Hello message don't want to send the certificate. How can it be disabled - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Server Sertificate

2011-06-01 Thread Lubenski, Zeev [GCS]
We use EAP-TLS method, but in the Server Hello message don't want to send the certificate. How can it be disabled - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Server Sertificate

2011-06-01 Thread Phil Mayers
On 06/01/2011 08:28 PM, Lubenski, Zeev [GCS] wrote: We use EAP-TLS method, but in the Server Hello message don’t want to send the certificate. How can it be disabled It can't. EAP-TLS requires a server certificate and a client certificate. Neither are optional, and neither can be disabled.

RE: Server Sertificate

2011-06-01 Thread Lubenski, Zeev [GCS]
, 2011 2:58 PM To: freeradius-users@lists.freeradius.org Subject: Re: Server Sertificate On 06/01/2011 08:28 PM, Lubenski, Zeev [GCS] wrote: We use EAP-TLS method, but in the Server Hello message don't want to send the certificate. How can it be disabled It can't. EAP-TLS requires a server

Re: Server Sertificate

2011-06-01 Thread Phil Mayers
On 06/01/2011 09:07 PM, Lubenski, Zeev [GCS] wrote: Paul In the RFC 5216 I see: The EAP server will then respond with an EAP-Request packet with AP-Type=EAP-TLS. The data field of this packet will encapsulate one or more TLS records. These will contain a TLS server_hello handshake message,

RE: Server Sertificate

2011-06-01 Thread Lubenski, Zeev [GCS]
To: freeradius-users@lists.freeradius.org Subject: Re: Server Sertificate On 06/01/2011 09:07 PM, Lubenski, Zeev [GCS] wrote: Paul In the RFC 5216 I see: The EAP server will then respond with an EAP-Request packet with AP-Type=EAP-TLS. The data field of this packet will encapsulate one or more

Re: Server Sertificate

2011-06-01 Thread Alexander Clouter
Lubenski, Zeev [GCS] zlube...@lgsinnovations.com wrote: This leads to believe that certificate is not mandatory ? ...which leads us to wonder why you want to use EAP-TLS? Probably best to answer: * what is it you are trying to do * how are you trying to accomplish it * what are you