5May
EAP TLS identity requriements
I am using freeradius to test EAP-TLS. Authorization only succeeds if I specify an identity. It doesn't even have to match any fields in the client certificate. Why is that required if I have a cert and private key? I know the EAP protocol has a response message that has to include an identity string. Is there a configuration where the AS accepts an empty field?
My stack is:
- AP (NAS): Openwrt running HostAP
- AS: freeradius
- supplicant: wpa_supplicant
