WPA Supplicant EAP-TTLS Behaviour Certificate Check
i+hostap at monkz.de
Fri Aug 13 03:30:32 PDT 2021
need to know how wpa_supplicant behaves if a config like this is applied:
Would *every* radius certificate signed by this public CA (or chain with
this root) be accepted?
Or is there a check against CN / SubjectAltName?
If a constraint is given with
it does allow radius.example.com,
but does it allow radius.*malicious*example.com?
Or does the configuration has to be prefixed with a dot? To exclude
More information about the Hostap