: Tuesday, July 26, 2011 5:03 PM
Subject: Re: WPA2 / PEAP / EAP-TTLS / etc - valid 3rd party certificates?
Hmm... Does the esoteric Windows required criteria
(extendedKeyUsage=1.3.6.1.5.5.7.3.1 or somewhere thereabouts) :)
also work to allow macosx to not require network validation though even
Hmm... Does the esoteric Windows required criteria
(extendedKeyUsage=1.3.6.1.5.5.7.3.1 or somewhere thereabouts) :)
also work to allow macosx to not require network validation though even
for just win7+ I should see if its possible to get such a cert via
incommon...
Travis
On Mon, Jul 25,
It sounds like you want to use an ssl certificate for PEAP - that won't
generate a prompt to the user asking to trust said cert.
Unfortunately I don't think that is possible (unless you disable checking as
you mentioned) - without having someone installing (trusting) the cert ahead
of time.
I am out of the office until Monday 8/1. If you are looking for technical
support please email t...@newhampton.org or call 603-677-3454. Thanks!
**
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at
On 7/25/2011 3:02 PM, Travis Schick wrote:
The problem as I understand it - is that without having a network connection
- you are
unable to verify the server presenting the certificate to you - you need to
trust it
first - and for win7/macosx the default is to prompt the user.
If the
Hi,
I'm aware of the XpressConnect option to plug-and-play a connection
configuration, but
they are really beyond our budget at this point in time.
At Swansea University (UK) we use the SU1X tool to distribute and
install a self-signed cert for our windows users as well as configure
their
We are finally planning a WPA2 rollout after years of procrastination (or more
truthfully, finally having some time to devote to the task...)
We have Aruba, passing through Bradford, with Radius supplied by Radiator, and
authenticating NTLM to Active Directory (Win2K8).
With just a self-signed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu Jul 21 14:37:48 2011 Central Time, Jeff Kell jeff-k...@utc.edu wrote:
Has anyone been there/done that with a 3rd party certificate / non-IAS/NPS
solution?
We've used Verisign and now InCommon/Comodo certs with Steel Belted RADIUS
running