Thai Duong wrote:
I can be sure the client certificate has the Enhanced
Key Usage showing Client Authentication
(1.3.6.1.5.5.7.3.2). I have no way to verify whether
the server certificate contains proper OID but here is
openssl x509 -noout -text -in theserver.crt
...will show things like:
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication
...the latter being the one you're looking for.
As Alan says, it's almost certainly oids, but regardless the problem is
not at the FreeRadius side - you should look to the debugging on the
cisco switch and/or the windows client ("netsh * set tracing on" and
logfiles somewhere under c:\windows)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
