I'm trying to use certificates generated with openssl to log in to a wireless network. We use EAP-TLS and a Radius server. The WLAN base station is a D-Link DWL-7000AP and the wireless card D-Link DWL-AG650.
We have got this system to work on Windows XP, although it is a bit instabile, and far from just any plug-and-play solution. Particularly if DHCP is used, there might be problems.
I also try to do it on Windows 2000.
If I install the root certificate and the users/computer's(?) key on Windows, then I managed to log on to the network. - a difference in the behaviour compared with Windows XP is, that the Windows 2000 computer does not ask for the key/certificate password. However, we would like to have the key on a smart card, and this is not successful with Windows 2000. There is some handshake but it seems like the certificate is never read from the reader, or at least never sent. The smart card reader is SCR201 from SCM Microsystems. The smart card is SETEC's Instant EID which at least is readable with SETEC's SetWeb program. Further on, when looking at the Windows services, Smart Card Service is running, but Smart Card helper Service cannot be started; I get the message "Could not start the Smart Card Service Helper on Local computer. Error 1068: The dependency service or group failed to start." Is the helper service needed? If the card is not inserted when I try to connect to the network, a requester "Please inser a smart card" pops up after a minute or so but it never ask for the PIN code.
Can anyone help?
Jan
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
