(RADIATOR) Certificate Migration

stevecap cappy.s at gmail.com
Mon Jul 24 10:15:51 CDT 2006


We are migrating Radiator from self signed certs to Public Certificate
authority and are wondering if anyone has done this before.  Can we have our
self signed and public certs on the same server and slowly migrate our
clients?  We are using TTLS and would like to have a smooth migration.

On the mailing list I saw this, but no response.

 Pavel Paprok wrote:
> Hallo,
>
> is it possible to use EAP with two alternative certificates directories
> (two independenty generated private certificates) AT ONCE?
>
> Users are verified via EAP-PEAP resp EAP-TLS and prompted for
login/password.
> I want to migrate to new certificates but is a problem that some users
have
> stored old root certificate and other users new root certificate (their hw
devices
> can store only one root certificate at once). So I would like to use both
certificates
> in server side at once to be able migrate to new certificates smoothly.
>
> Until I tried AuthBy GROUP to define two AuthBy FILE sections with EAP
> definitions for each set of private certificates but no way. Is it even
possible
> to use two completely different certificates on server side?
>
> Thanks,
> Pavel


Steve
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20060724/22458ccf/attachment.html>


More information about the radiator mailing list