Thomas Simmons wrote:
On Win 7, with "Validate ..." checked, I receive the following error:
[peap] Length Included [peap] eaptls_verify returned 11 [peap] <<< TLS 1.0 Alert [length 0002], fatal access_denied TLS Alert read:fatal:access denied
The Windows box is refusing to accept the servers certificate.
The GoDaddy certs appear to have the necessary "XP Extensions". The following is reported under "Enhanced Key Usage" when I view the cert in Windows: Server Authentication (1.3.6.1.5.5.7.3.1) Client Authentication (1.3.6.1.5.5.7.3.2)
OK.
I added my certificate to the beginning of the chain file provided by GoDaddy (used cat to ensure no errors) and pointed certificate_file to this. I then selected the "Go Daddy Class 2 Certification Authority" under the network profile. When this did not work, I imported the chain file into my Trusted Root CAs and selected "GoDaddy Secure Certification Authority" in the wifi profile. This also did not work. Lastly, I cleaned up my certificate store, split apart the chain file into separate files, imported "GoDaddy Secure Certification Authority" into my Trusted Root CAs, selected the same in the wifi profile, and pointed certificate_file to my cert ONLY. Does anyone see a reason this should not work? Ideas on what to try next? Thank you.
Ask Microsoft why their software doesn't work. It sounds like you followed all of the right steps. Maybe you missed something minor (and critical). It's hard to say. There's a lot of magic in SSL. Alan DeKok.