The XP supplicant will just keep hammering at the server without accepting the response if the CA / server checking doesn't pass.
The other thing to do is look at the RASTLS (and/or EAPOL) logs.
eg:
netsh ras set tracing rastls enabled
And then take a look at the files in c:\windows\tracing
Cheers,
Ben
On 10/10/05, Thuis Algemeen <[EMAIL PROTECTED]> wrote:
Thanks Allan,
I used a file called xpextensions with both a client section and server a
server section.
The client certificate present on the laptop display's : Clientverificatie
(1.3.6.1.5.5.7.3.2)
The server certificate present on the server display's : Verificatie van de
server (1.3.6.1.5.5.7.3.1)
----- Original Message -----
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: "FreeRadius users mailing list" < freeradius-users@lists.freeradius.org>
Sent: Sunday, October 09, 2005 5:49 PM
Subject: Re: authenticate problem XP eap/tls
> "Thuis Algemeen" < [EMAIL PROTECTED]> wrote:
>> Here the log from freeradius, the onl error I can see is :
>> "TLS_accept:error in SSLv3 read client certificate A".
>
> That error is in the middle of the authentication session, and
> doesn't mean anything.
>
> Do the certificates you're using have the Windows OID?
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html