Problems using EAP-TLS with freeradius version 2
Reimer Karlsen-Masur, DFN-CERT
karlsen-masur at dfn-cert.de
Fri Feb 1 10:14:06 CET 2008
Stefan Puch wrote on 01.02.2008 09:57:
> @Reimer Karlsen-Masur
>> If the "Microsoft Smartcard Logon" extendedKeyUsage *is part* of your client
>> certificates you could work around this by disabling the trust setting of
>> valid certificate usage "Microsoft Smartcard Logon" in the CAs properties in
>> Windows build-in certificate store on the PDA.
> As the "Microsoft Smartcard Logon" extendedKeyUsage *is NOT part* of the client
> certificates there should be no problem. Something different seems to be not
> correct.
>
> Did you get a PDA using Windows Mobile working with EAP-TLS with Windows
> build-in supplicant and freeradius?
I am afraid, we do not have a Win Mob PDA to test things available. Problems
with the non-repudiation keyUsage occured with a SymbianOS based PDA.
--
Beste Gruesse / Kind Regards
Reimer Karlsen-Masur
DFN-PKI FAQ: https://www.pki.dfn.de/faqpki
15 Jahre DFN-CERT + 15. DFN-Workshop "Sicherheit in vernetzten Systemen"
am 13./14. Februar 2008 im CCH Hamburg - https://www.dfn-cert.de/ws2008/
--
Dipl.-Inform. Reimer Karlsen-Masur (PKI Team), Phone +49 40 808077-615
DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-555
Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737
Sachsenstr. 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5939 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080201/a89caaaf/attachment.bin>
More information about the Freeradius-Users
mailing list