EAP-TLS host certificates
Alan DeKok
aland at deployingradius.com
Wed Feb 10 17:08:32 CET 2021
On Feb 10, 2021, at 10:39 AM, Vieri Di Paola <vieridipaola at gmail.com> wrote:
> I found the time to resume my configuration and found out that
> importing the pem client certificate into the Windows "computer
> account" store does not work as I expect it to (see first post).
> However, importing the p12 certificate works perfectly.
Ah, yes. Different formats for different operating systems.
I guess it would be too much to ask for Windows to either (a) give you an error when it can't import the cert, or (b) just convert it automatically.
> I'll have to
> tailor the Makefile as required. BTW why does the Makefile copy
> client.pem to USER_NAME.pem but doesn't do the same for p12 et al.? I
> know it's just there for convenience, but I'm wondering if it's for a
> specific design purpose. Maybe it's because the pem format works fine
> on non-Windoze clients.
I've added a "cp" for the p12 certs, and updated the certs/README file to note that Windows need the p12 format.
Alan DeKok.
More information about the Freeradius-Users
mailing list