projects
/
freeradius.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
efa0305
)
Added note on global CA
author
Alan T. DeKok
<aland@freeradius.org>
Thu, 4 Feb 2010 07:50:37 +0000
(08:50 +0100)
committer
Alan T. DeKok
<aland@freeradius.org>
Thu, 4 Feb 2010 08:03:07 +0000
(09:03 +0100)
raddb/eap.conf
patch
|
blob
|
history
diff --git
a/raddb/eap.conf
b/raddb/eap.conf
index
569323d
..
09312c4
100644
(file)
--- a/
raddb/eap.conf
+++ b/
raddb/eap.conf
@@
-144,6
+144,10
@@
#
# http://www.dslreports.com/forum/remark,9286052~mode=flat
#
+ # Note that you should NOT use a globally known CA here!
+ # e.g. using a Verisign cert as a "known CA" means that
+ # ANYONE who has a certificate signed by them can
+ # authenticate via EAP-TLS! This is likey not what you want.
tls {
#
# These is used to simplify later configurations.