Re: computer authentication from windows
hello Mike, i have a big problem with this machine certificates for win2000 and xp. to create the CA and certificates i used the openssl tool. in addition i have added the microsoft OIDs in the opnessl.cnf.: 1.3.6.1.4.1.311.20.2=DER:1e:0e:00:4d:00:61:00:63:00:68:00:69:00:6e:00:65 and of course the Subjectaltname with the FQDN. but the client does not send anything. the certificates are stored in the lokal computer storage. it looks like that microsoft do not accept the certificates created with openssl for machine certificates. and now my question. wich tool do you use to create the certificates . or wich OIDs needs the certificate for microsoft compatibility. thanks in advance, jens - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: computer authentication from windows
With EAP-TLS, the machine will attempt to use a certificate that resides in the Local Computer's Personal Certificates store. With PEAP, the machine will attempt to use the machine credentials as negotiated with the domain controller. --Mike On Thu, 2004-06-17 at 18:26, Brian Craft wrote: Can anyone point me to docs about the computer 802.1x login that Windows supports? I can't find info on how it's supposed to work. All the docs say check the 'Authenticate as computer' button, but no word about what credentials the machine will try to use, or where you configure them. b.c. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html