Stefan Winter wrote:
Hi,
Sending Access-Challenge of id 0 to 10.48.244.21 port 49154
EAP-Message = 0x0112000a0d8000000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x3f9387f3adb41ddea578c30fd328358f
Finished request 13
Going to the next request
Waking up in 6 seconds...
This *doesn't* look like it works. The server sends a packet to the client,
and the client refuses to answer thereafter. The usual cause of this, which
generates the same question and the same answers multiple times a week in
this list, is that the server cert doesn't have the MS TLS Web Server
Authentication OID in the cert. Please read the various documentation about
I wonder if it would be possible to have the PEAP, TLS and TTLS EAP
sub-modules print a VERY LOUD WARNING if that OID is missing from the
certificate on startup?
A quick 60 second scan of the OpenSSL API doesn't show the obvious call,
but given how incomprehensible the OpenSSL API is in general, that's not
surprising...
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- Re: Everything lookslike it works, but PC is not a... Phil Mayers
-
