Hi,
just to give an update on my efforts to make XP SP3 work with EAP-TLS.
Machine based EAP-TLS authentification works for WIRED connections fine,
as I wrote in the last mail. BUT that doesn't mean that it works for
wireless connections. :-) Before SP3 there wasn't a problem with that,
with
Alexandros Gougousoudis wrote:
Hi,
just to give an update on my efforts to make XP SP3 work with EAP-TLS.
Machine based EAP-TLS authentification works for WIRED connections
fine, as I wrote in the last mail. BUT that doesn't mean that it works
for wireless connections. :-) Before SP3 there
Hi Ivan,
Try signing client certificates with the ca certificate. I have included
modified Makefile for 2.1.3. I have added make caclient.pem to
produce client certificates and cleanca to remove them. Try
importing caclient.p12 created this way onto the user machine (along
with ca.der) and see
Alexandros Gougousoudis a écrit :
Hi Ivan,
Try signing client certificates with the ca certificate. I have included
modified Makefile for 2.1.3. I have added make caclient.pem to
produce client certificates and cleanca to remove them. Try
importing caclient.p12 created this way onto the user
Thanks for your reply, but that is already what I do. I have created a
CA in TinyCA and the server has a signed server-cert and each client has
a signed client-cert (both with the XP specific usage attributes). The
CA is of course imported into the trusted authorities branch. The CN ist
the
Hi Thiebault,
you saved me. AGAIN! :-) That was the clue, not including the Email in
the DN, just saying no in TinyCA was the first step to the solution. XP
SP3 took then the cert for auth.
@Ivan: Thanks for your reply, but it's not an TinyCA issue.
Second step was, that 2000/XP = SP2
Hi Ivan,
t...@kalik.net schrieb:
You should upgrade to the latest version. If that doesn't cure it, try
making client certificate signed by the CA and not server certificate.
I had 2.1.3 running a week ago, but it didn't work also. But I wasn't
sure about the configs. Unfortunately the
The certs shouldn't be the problem. On the clients I have a client cert
with right extended-usage and the server has a server-cert with the
right attributes. In XP the certmgr says it's for
Clientauthentification. They worked with SP2. But I also tried to
install a server-cert with
So whats the problem? Is there some kine of Registry hassle? I took a
new PC with a new XP Pro (inkl. SP3) installed. There are no old
leftovers. So eap looks very buggy and beta. The certs are ok, they work
with XP SP2, so why doesn't want SP3 it?
I'am using now Freeradius 1.1.6 (I had 1.1.0)
9 matches
Mail list logo