Things to look for for machine auth:
 * SP2 or at least KB826942 loaded
 * AuthMode key set to 2
 * certs + ca loaded into machine store
 * certs with the correct attributes + the magic attribute I've mentioned before
 * make sure you select the correct CA in "Validate server certificate" section
 * send a big bouquet of flowers to Microsoft for having an utterly unscriptable interface for wireless
 
If you've got multiple private certs loaded into the machine store then you might have issues with the selection process - as far as I can tell it chooses the certificate with the newest "Not Before" attribute (but that could be an artifact of some other selection criteria).

Also watch for timing issues - XP won't use certificates if the time is outside the validity period (i.e. your CA time is ahead of your workstation time).

Most of the tutorials cover most of this, but they almost never talk about untangling the knots from slight misconfiguration issues.

(Yes, I've dealt with almost every quirk there is to do with EAP-TLS; until tomorrow when we find some more)

Cheers,

Ben
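The validity-window and multiple-certificate pitfalls from the message above, written out as a triage check. This is an added example, not code from the original post or from FreeRADIUS. The dictionary layout, the `triage` and `cert` names and the sample certificates are constructed for illustration, and the "newest Not Before wins" rule is the post's own observation, not documented behaviour.

```python
from datetime import datetime, timedelta, timezone

CLIENT_AUTH = "1.3.6.1.5.5.7.3.2"  # client-auth EKU OID quoted in the thread
SERVER_AUTH = "1.3.6.1.5.5.7.3.1"  # server-auth EKU OID quoted in the thread

def triage(certs, workstation_now):
    """Return (problems, likely_pick) for certs listed from the machine store.

    certs: dicts with subject, not_before, not_after, eku (hypothetical layout).
    """
    problems, usable = [], []
    for c in certs:
        if workstation_now < c["not_before"]:
            # Typical when the CA clock runs ahead of the workstation clock.
            problems.append((c["subject"], "not yet valid"))
        elif workstation_now > c["not_after"]:
            problems.append((c["subject"], "expired"))
        elif CLIENT_AUTH not in c["eku"]:
            problems.append((c["subject"], "no client-auth EKU"))
        else:
            usable.append(c)
    # Assumption from the post: the newest "Not Before" wins the selection.
    pick = max(usable, key=lambda c: c["not_before"], default=None)
    if len(usable) > 1:
        problems.append((pick["subject"], "several usable certs, selection ambiguous"))
    return problems, (pick["subject"] if pick else None)

def cert(subject, start_days, end_days, eku, now):
    return {"subject": subject, "not_before": now + timedelta(days=start_days),
            "not_after": now + timedelta(days=end_days), "eku": {eku}}

# Constructed sample data, not taken from any real machine store.
NOW = datetime(2005, 9, 2, 12, 0, tzinfo=timezone.utc)
SAMPLE = [
    cert("host/pc1-old", -400, -35, CLIENT_AUTH, NOW),
    cert("host/pc1", -30, 335, CLIENT_AUTH, NOW),
    cert("host/pc1-renewed", -1, 364, CLIENT_AUTH, NOW),
    cert("host/pc1-skewed", 0.01, 365, CLIENT_AUTH, NOW),  # starts ~14 min ahead
    cert("radius-server", -30, 335, SERVER_AUTH, NOW),
]

if __name__ == "__main__":
    problems, pick = triage(SAMPLE, NOW)
    for subject, reason in problems:
        print(f"{subject}: {reason}")
    print("likely selected:", pick)
```

Re-running `triage` with the workstation clock moved forward an hour makes the skewed certificate valid and, under the same assumption, the one selected.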

On 9/2/05, Marc-Henri Boisis-delavaud <[EMAIL PROTECTED]> wrote:

On 31 Aug 05, at 18:53, Alan DeKok wrote:

> Jérémy Cluzel < [EMAIL PROTECTED]> wrote:
>
>> Sorry, but I didn't find any references to this OID in the
>> creation scripts in the "scripts" directory (Ca.all, CA.certs...).
>> The only OIDs added seem to be 1.3.6.1.5.5.7.3.1 and
>> 1.3.6.1.5.5.7.3.2 (in "xpextensions").
>> Is there any way to do this without patching openssl (like
>> explained there: http://lists.cistron.nl/pipermail/freeradius-users/2004-July/034141.html)?
>>
>
>   You can use that OID just like the other ones.
>
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>

Can you explain how we can activate 802.1x authentication before
logon on XP? And what are the prerequisites?
Marc


