On Wed, Oct 10, 2018 at 11:22:40AM -0400, Davis Roman wrote: > I've working on a project that uses WPA2 enterprise using self signed > certificates on a custom embedded Linux device and we have client > devices that connect to our device. (We're essentially an access > point.) > > Both the access point and client devices currently using development > certificates however we soon wish to switch over to production > certificates. > > Some devices have already go out the door with development certs so I > was wondering if it's possible for hostapd to use both development and > production certificates at the same time so that it is able to talk to > both groups ( client devices that have production certificates and > development devices that have yet to do an upgrade to production > certificates.) Are you using hostapd as the authentication server here? If so, no, there is no support for using two separate sets of certificates simultaneously, i.e., the server implementation is hardcoded to use a single certificate in practice. You might be able to use an external RADIUS authentication server to do this, though, or alternatively, run two instances of hostapd with two different networks (different SSID, so this would likely require some client device configuration changes and as such, may not be of much help for this type of case). -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
