I'm using MS IAS with the Verisign server cert, and one difference is I didn't have to install IIS to get the certificate. I don't think I had to generate a cert request either. I just entered the server name online and they generated the request and the cert for me.
Those were my differences. -----Original Message----- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Toivo Voll Sent: Tuesday, November 18, 2008 1:08 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] WPA and Wireless LAN Server Certificate? Until now we've been using our regular web / SSL certificate for WPA / PEAP/MSCHAP purposes, and predictably have run into the usability issues with certificate trust prompts on the client end. (We use Cisco LWAPP / Freeradius). It appears VeriSign has a specific "Wireless LAN Server Certificate," and apparently there is work done in IETF regarding WLAN specific extensions in certificates. After a fair bit of googling I've been unable to find out just what the difference between a vanilla SSL certificate and a "Wireless LAN Server Certificate" is. Presumably the WLAN certificates won't prompt for the certificate trust, but what other difference, if any, is there? Are there providers other than VeriSign for these certificates? (Thawte, for example, seems to refer back to VeriSign for such certs.) Here's the uninformative product page: http://www.verisign.com/ssl/buy-ssl-certificates/specialized-ssl-certificates/wireless-lan-security/ Any advice or links to documentation on the matter would be greatly appreciated. -- Toivo Voll Network Administrator Information Technology Communications University of South Florida ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.