Re: [strongSwan] Windows 7 RC
Hi Martin, Am Donnerstag, 7. Mai 2009 14:09:04 schrieb Martin Willi: - checks for Extended Key Usage Flags - requires the DNS name entered as Gateway address to be included in the DN or as subjectAltName [1]http://wiki.strongswan.org/wiki/strongswan/Win7CertReq The DNS name of the Gateway was already included in our Gateway certificate. I extended our Gateway certificate with the following flag: [req_ext] .. extendedKeyUsage = serverAuth .. Windows 7 RC Agile vpn-client is now working again without to disable the extended certificate checks. Thanks! peter ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
Re: [strongSwan] Windows 7 RC
Hi, - checks for Extended Key Usage Flags - requires the DNS name entered as Gateway address to be included in the DN or as subjectAltName It seems that Windows 7 accepts the certificate if it fulfills these requirements. I've added a page with some details to our wiki [1]. There are some other issues we encountered with MSCHAPv2. It seems that the derivation of the EAP MSK key has changed. I'll try to update our implementation to be compatible with the RC... Regards Martin [1]http://wiki.strongswan.org/wiki/strongswan/Win7CertReq ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users