EAP-TTLS Configuration

You can configure the RSA RADIUS server to handle Extensible Authentication Protocol-Tunneled Transport Layer Security (EAP-TTLS) authentications. RSA RADIUS requires the following certificates to handle authentication requests made using the EAP-TTLS protocol:

  • A server certificate for each RADIUS server, which is used by a RADIUS client to verify the identity of the RADIUS server. A server certificate is installed on each RADIUS server by default.

  • A trusted root certificate, which is used by a RADIUS server to verify the identity of a RADIUS client. Root certificates are not installed on the RADIUS server by default.