Perhaps so, but I'm not sure what I can put into the certificates to alter
that behavior.  There is no explicit "domain" entry in a certificate?  

If your windows domain is "OFFICE-LAN", how would you construct your
certificate information to incorporate that?

 

> -----Original Message-----
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On 
> Behalf Of Zoltan A. Ori
> Sent: Wednesday, February 09, 2005 11:02 PM
> To: [email protected]
> Subject: Re: PEAP and "fatal unknown_ca"
> 
> 
> On Wednesday 09 February 2005 19:06, Dudley Atkinson wrote:
> > So the problem is solved, but I wanted to post so that the next 
> > unfortunate that happens along with this problem has some point of 
> > reference.
> >
> > The "unknown_ca" error and the related "unknown 
> certificate" error I 
> > got later with a reconfiguration were both stemming from the same 
> > problem.  In Windows XP when PEAP is setup, there is a box 
> for stating 
> > the domain of the user.  When I had the domain in that box, 
> I got the 
> > error.  By leaving the box blank, the error resolved and PEAP 
> > authenticated successfully.
> >
> > I will post again when I have more information as to why this is so.
> >
> It is probably so due to the information you entered into 
> your certificates. 
> It has nothing to do with freeRADIUS or your supplicant.
> 
> 
> 
> 
> 


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to