Different root CA for wpa_supplicant and freeradius
Carolin Latze
carolin.latze
Tue Jan 29 02:07:57 PST 2008
Hi all,
I plan to use different root CAs for the authentication server
(freeradius) and the peers (wpa_supplicant) in EAP-TLS. The reason is
that I use a TPM on the client side, which retrieves certificates from a
special CA (a so called Privacy CA), but I don't use a TPM on the server
side. Both are valid X509 certificates, so it should be possible to
authenticate each other. What do you think? Are there any implementation
issues, which forbid such a setup?
Regards
Carolin
More information about the Hostap
mailing list