<div dir="ltr">On Sun, Mar 3, 2013 at 9:09 AM, JDL <span dir="ltr"><<a href="mailto:JDL@imaginenet.net" target="_blank">JDL@imaginenet.net</a>></span> wrote:<br><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div style="word-wrap:break-word">Thomas,<div><br></div><div>Most wildcard certificates that I have encountered do NOT include the domain, only subdomains. In other words "<a href="http://something.mydomain.com" target="_blank">something.mydomain.com</a>" would work but not simply "<a href="http://domain.com" target="_blank">domain.com</a>". I know you tried the actual CN, but perhaps some component is having an issue with the asterisk. If you wanted to make another test, you could try using a server name which is similar to <a href="http://something.mydomain.com" target="_blank">something.mydomain.com</a>.</div>
<div><br></div><div>Jim L.</div><div><br></div></div></blockquote><div style>Hello Jim,</div><div style><br></div><div style>I tested using <a href="http://foo.mydomain.com">foo.mydomain.com</a>, which resulted in the same error. I'm fairly certain Phil is correct that wildcard certs do not work for this purpose under Windows.</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div></div><div><br><div><div><div class="h5"><div>On Mar 3, 2013, at 7:41 AM, Thomas Simmons <<a href="mailto:twsnnva@gmail.com" target="_blank">twsnnva@gmail.com</a>> wrote:</div>
<br></div></div><blockquote type="cite"><div><div class="h5"><div dir="ltr">On Sun, Mar 3, 2013 at 6:41 AM, Phil Mayers <span dir="ltr"><<a href="mailto:p.mayers@imperial.ac.uk" target="_blank">p.mayers@imperial.ac.uk</a>></span> wrote:<br>
<div class="gmail_extra"><div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">When you enable "validate...", what are you entering as the server name? I'm not sure wildcard certs work with eap under windows.<br>
<div><div><br></div></div></blockquote>Hello Phil,<div><br></div><div>Initially, I unchecked "Connect to these servers" and left this field empty - this is what I did with the self-signed cert that worked. I also tried *.<a href="http://mydomain.com/" target="_blank">mydomain.com</a> (the CN) and <a href="http://domain.com/" target="_blank">domain.com</a>. I can purchase a standard cert to verify this is the problem.</div>
<div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div><div>
Thomas Simmons <<a href="mailto:twsnnva@gmail.com" target="_blank">twsnnva@gmail.com</a>> wrote:<br>
<br>
>Hello All,<br>
><br>
>I'm trying to get my setup working with a GoDaddy-issued wildcard<br>
>certificate (I understand self-signed is recommended). I don't<br>
>understand<br>
>why this is not working and appreciate any input. What I have found so<br>
>far:<br>
><br>
>Everything works with self-signed certs. With the CA cert imported,<br>
>"Validate server certificate" is not required.<br>
>Everything works with GoDaddy certs on Android.<br>
>Everything works with GoDaddy certs and "Validate ..." unchecked.<br>
<br>
</div></div><span><font color="#888888">--<br>
Sent from my mobile device, please excuse brevity and typos.<br>
</font></span></blockquote></div><br></div></div></div></div><div class="im">
-<br>List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a></div></blockquote></div><br></div></div><br>-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br></blockquote></div><br></div></div>