Subject: | |
From: | |
Reply To: | |
Date: | Thu, 4 Feb 2010 12:26:21 -0500 |
Content-Type: | multipart/mixed |
Parts/Attachments: |
|
|
I saw that but wasn't sure if it was a general problem or a FreeRadius
specific problem. Has anyone else had to obtain a "special" certificate
to make Windows WPA work? I have a feeling I'm going to get a blank
stare if I ask for that ;)
-Mike
On 04/02/2010 12:12 PM, Bruce Hudson wrote:
>> Slightly off topic, but I'm trying to configure FreeRadius V2 to work
>> with the Cisco Wireless Lan Controllers using WPA2. I'm running into
>> trouble with Windows clients. If I configure them NOT to verify the
>> certificate from the Radius Server, it connects. As soon as I configure
>> the "Verify Certificate" option, it fails. The Diagnostic seems to
>> indicate that it doesn't trust the certificate from the Radius Server,
>> which is a CA signed Verisign cert. A Mac client presents the
>> certificate on login, and I can either accept it or not. Windows isn't
>> doing that, it just fails.
>
> The README file in FreeRadius certs directory includes the following
> statement:
>
> The Microsoft "XP Extensions" will be automatically
> included in the server certificate. Without those
> extensions Windows clients will refuse to authenticate
> to FreeRADIUS.
>
> I would guess that the certificate you got from Verisign does not include
> the extensions. If you figure out how to get them, please let me know.
> Dealing through our local certificate maintainer, I never could get an
> answer (or clear indication they knew what I was asking for).
> --
> Bruce A. Hudson | [log in to unmask]
> ITS, Networks and Systems |
> Dalhousie University |
> Halifax, Nova Scotia, Canada | (902) 494-3405
|
|
|