On Tue, Nov 15, 2011 at 01:58:25PM -0600, Whitlow, Michael wrote:
All,
I have one minor issue to ask the group about.
Using Freeradius to authenticate 802.1X wireless clients, I noticed that if I try to connect to the wireless network and I purposely put in a bad password I still get the popup to validate the server certificate.
On the other radius implementations I am used to the cert validation does not happen until after the user is authenticated. I imagine I have something configured not quite right but I don't know what.
So, in Freeradius is there a way to change it so the validate server certificate comes only after successfull authentication?
Thanks much,
Mike
If the server cert is bogus, you should not send any authentication information down a compromised connection. It sounds like it is functioning correctly now and was broken then. Cheers, Ken