need help - force EAP-TTLS to validate the server certificate
aland at deployingradius.com
Tue Sep 21 14:21:26 CEST 2010
Klaus Laus wrote:
> The message is clear. Yes I created a client certificate and imported it into the client.
> When I use TLS to connect to the freeradius server I can choose the client certificate in the TLS dialog and the client can login successfully.
> When I use PEAP to login I have to type in my username and password in the PEAP dialog from windows but I can not select a client certificate, the certificate is imported successfully in the windows certificate manager.
So... the issue is that you haven't configured the client to use the
> Should I be able to choose a client certificate in the PEAP dialog or should it work when the certificate is saved in the windows certificate manager and I only have to type in my username and password in the PEAP dialog?
Ask Microsoft how their software works. It's annoying to have you ask
a question here when you *already* know that you haven't configured the
client certificate for PEAP.
It means that you *know* it's not sending a client certificate. You
*know* you haven't configured one on the client. And you *still* post
the FreeRADIUS debug output, asking us to debug the *server* to see why
the client certificate isn't being used.
Microsoft has documentation for Windows. Read it.
More information about the Freeradius-Users