Re: Everything lookslike it works, but PC is not authentified
On 9/4/06, Alexandros Gougousoudis <gougousoudis@kh-berlin.de> wrote:
I read that again and again, but I already have these OID in the certs.
Here a dump of my server-cert:
No, you don't.
from Alan's post:
# 1.3.6.1.4.1.311.17.2
while "TLS Web Server Authentication" is 1.3.6.1.5.5.7.3.1
and "TLS Web Client Authentication" is 1.3.6.1.5.5.7.3.2
What else could be a problem? How do you guys handle the
"host/<netbiosname>" problem? Could that brake the cert?
Currently that doesn't even get considered, as according to your log
you don't check for the CN. Afaik you might strip it by using the
with_ntdomain_hack directive.
Further changes changes depend on the eap type you want to use. I have
already asked about that.
regards
K. Hoercher
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.