0
votes

I want to purchase commercial SSL certificates for freeRadius server (over linux) to use for PEAP 802.1X Authentication for Windows Clients. Does anyone know if there is anything in particular that I have to look in the certificate to use it with radius? As far as I have read, a standard SSL certificate should work. Thanks!

1

1 Answers

0
votes

No a standard SSL certificate won't generally work. It needs to have some very specific OIDs for use with Windows clients. See /etc/raddb/certs/xpextensions for the specific OIDs you need.

Many CAs will include these automatically if you specify you're using the certs for 802.1X.