--- Phil Mayers <[EMAIL PROTECTED]> wrote:
> openssl x509 -noout -text -in theserver.crt
>
> ...will show things like:
>
> X509v3 Key Usage:
> Digital Signature, Key Encipherment
> X509v3 Extended Key Usage:
> TLS Web Server Authentication
>
> ...the latter being the one you're looking for.
>
> As Alan says, it's almost certainly oids, but
> regardless the problem is
> not at the FreeRadius side - you should look to the
> debugging on the
> cisco switch and/or the windows client ("netsh * set
> tracing on" and
> logfiles somewhere under c:\windows)
The output of my server certificate contains:
X509v3 Extended Key Usage:
TLS Web Server Authentication
As you advise, I turned tracing on and found that the
SSL handshake was not completed, the client kept
sending "Client Hello" packet but got no response from
the server. But when looking at Ethereal's dump file,
I saw that the server actually sent its certificate in
the Access-Challenge packet. I even unchecked
"Validate server certificate" in the client setting
but still no luck. What am I supposed to do now? I'm
gonna be crazy please help.
TIA,
Thai Duong.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
