Subject: | |
From: | |
Reply To: | |
Date: | Thu, 4 Feb 2010 13:12:25 -0400 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
> Slightly off topic, but I'm trying to configure FreeRadius V2 to work
> with the Cisco Wireless Lan Controllers using WPA2. I'm running into
> trouble with Windows clients. If I configure them NOT to verify the
> certificate from the Radius Server, it connects. As soon as I configure
> the "Verify Certificate" option, it fails. The Diagnostic seems to
> indicate that it doesn't trust the certificate from the Radius Server,
> which is a CA signed Verisign cert. A Mac client presents the
> certificate on login, and I can either accept it or not. Windows isn't
> doing that, it just fails.
The README file in FreeRadius certs directory includes the following
statement:
The Microsoft "XP Extensions" will be automatically
included in the server certificate. Without those
extensions Windows clients will refuse to authenticate
to FreeRADIUS.
I would guess that the certificate you got from Verisign does not include
the extensions. If you figure out how to get them, please let me know.
Dealing through our local certificate maintainer, I never could get an
answer (or clear indication they knew what I was asking for).
--
Bruce A. Hudson | [log in to unmask]
ITS, Networks and Systems |
Dalhousie University |
Halifax, Nova Scotia, Canada | (902) 494-3405
|
|
|