# Distributing root CA and client certificates



## bbzz (Jun 7, 2013)

Hi all,

I have a task of implementing 802.1x authentication in our network for about 150-200 clients. I've managed EAP-TLS authentication with certificates before but only for 5-10 wireless clients, so the client certificates were distributed "by hand", so to speak.

Right now I have all set up with freeradius, but I need to ask for advice how to distribute so many certificates while keeping my life sane. This is normally not in my job description so I haven't looked into this before. Keep in mind this is mostly Unix oriented network so no Windows servers allowed.

Thanks


----------



## bbzz (Jun 8, 2013)

I'd really like to hear some ideas here, I'm sure there are people here who dealt with this before. 
PEAP-MSCHAPv2 is also an option, with only root CA distribution. But then I still need to manage passwords for all users.


----------



## bbzz (Jun 11, 2013)

Nobody ever dealt with this kind of issue?

Regards


----------



## bbzz (Jun 16, 2013)

Hello, is there anybody in there? Just nod if you can hear me, is there anyone home?


----------



## throAU (Jun 17, 2013)

I think you're in a very small group of users trying to push certs with a Unix box. I push certs on the enterprise via AD auto-deployment, and I suspect most enterprises do the same. Are your clients all Unix clients as well?


----------

