PEAP/MSCHAPv2 and WinXP
Damian Davalos
damian.davalos at pcc.edu
Thu Mar 22 23:30:05 CET 2007
Hello,
I have a question I can't seem to answer with the mail archives or
documentation.
Let me begin by explaining what I'm trying to do:
- PEAP/MSCHAPv2 authentication, no client certificates, with a WinXP
supplicant.
- The server certificate is self-signed.
>From the FAQ, I have:
- Installed the hot fix from MS KB 885453
- Included the required OID 1.3.6.1.5.5.7.3.1 in the server certificate
- Followed MS requirements for server certificates in KB 814394
The only way I can get this setup to work, is if I import my root
certificate onto my
client machine. Otherwise, I get the typical Access-Request and
Access-Challenge back
and forth.
My question: Is importing the root certificate onto your client necessary
when self-signing
your own server certificate?
If not, then I guess I'm still doing something wrong, but I would like to
make sure before I
continue to troubleshoot.
Any help is greatly appreciated.
Regards,
Damian Davalos
More information about the Freeradius-Users
mailing list