Notes on how to use CA's if CA_file is NULL
[freeradius.git] / raddb / eap.conf
index b1d11b0..e942d11 100644 (file)
                        #  the same file, then private_key_file &
                        #  certificate_file must contain the same file
                        #  name.
+                       #
+                       #  If CA_file (below) is not used, then the
+                       #  certificate_file below MUST include not
+                       #  only the server certificate, but ALSO all
+                       #  of the CA certificates used to sign the
+                       #  server certificate.
                        certificate_file = ${certdir}/server.pem
 
                        #  Trusted Root CA list