On 8.1.2015 8.53, Sharma, Venkatesh IN BLR STS wrote: > After I fixed it, I faced another problem (this time it is a Win 8 client). I > noticed that the client was sending the wrong certificate (another > certificate from the personal store) and authentication was failing due to > that. It started working when I deleted all certificates and kept only the > Radiator's sample client certificate. > > Am I missing something in my configuration? Why is the client system not able > to select the right certificate when there are multiple certificates in the > store?
I think the behaviour depends on the client configuration. Certificate request the server sends does include the DN (expected name) for the CA. You may want to check the Microsoft information about how the certificate selection is done by the client and see if and how the user interface options, for example "Use simple certificate selection", affect the certificate selection. Thanks, Heikki -- Heikki Vatiainen <h...@open.com.au> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
