Armin Krämer wrote:
I tried out the registry patch AuthMode with a value of 2 whch causes windows to authenticate with the machine certificate only. Then I generated a client certificate with openssl with the special OID 1.3.6.1.4.1.311.17.2 which was posted in the mailing list some time ago. But with this certificate authentification fails.
The correct OIDs are: RADIUS server certificate: 1.3.6.1.5.5.7.3.1 (TLS Server Authentication) Client certificate: 1.3.6.1.5.5.7.3.2 (TLS Client Authentication)
Is there anybody who successfully managed that problem and can describe me how he solved this problem step by step. I think the problem is the machine certificate.
Bump up Schannel logging to see what's really happening: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL Key: EventLogging Value: 4 (log everything) -- Tim
smime.p7s
Description: S/MIME Cryptographic Signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
