4 Sep
2006
4 Sep
'06
5:22 a.m.
On 9/4/06, Alexandros Gougousoudis <gougousoudis@kh-berlin.de> wrote:
I read that again and again, but I already have these OID in the certs. Here a dump of my server-cert: No, you don't. from Alan's post: # 1.3.6.1.4.1.311.17.2
while "TLS Web Server Authentication" is 1.3.6.1.5.5.7.3.1 and "TLS Web Client Authentication" is 1.3.6.1.5.5.7.3.2
What else could be a problem? How do you guys handle the "host/<netbiosname>" problem? Could that brake the cert?
Currently that doesn't even get considered, as according to your log you don't check for the CN. Afaik you might strip it by using the with_ntdomain_hack directive. Further changes changes depend on the eap type you want to use. I have already asked about that. regards K. Hoercher