WPA2-Entreprise: which certificate to avoid changing Validate server certificate for Windows guest ?
oza.4h07 at gmail.com
Mon Sep 10 09:23:01 CEST 2018
I'm running a WPA2 Enterprise Wifi network powered by Freeradius 3.0.12 on
Currently, Windows guests need to follow a rather long and error prone
process like the one described in .
The core of this process, is, if I'm not mistaken, to change a default
value in Protected EAP Properties configuration window.
This default value that needs to changed is the "Validate server
certificate" one: its default value is checked (see point 9 in referenced
My understanding of this default value is that, "by default, Windows will
validate Server Certicate using a list of Trusted Root Certificate
Authorities and if no Server Certificate is received then connection is
refused with a somehow misleading "Incorrect password" error message"..
My questions are:
1- In this context, is correct to say the Server Certicate Windwos is
refering to, is a file somewhere in /etc/freeradius directory ? If
positive, how does it look like ? A .pem file ? A .der file ?
2- Is it correct to hope that "if WiFi guests are somehow given such a
Server Certificate file before trying to connect, they won't need to change
Protected EAP Properties" ?
More information about the Freeradius-Users