Hello, I have a question I can't seem to answer with the mail archives or documentation. Let me begin by explaining what I'm trying to do: - PEAP/MSCHAPv2 authentication, no client certificates, with a WinXP supplicant. - The server certificate is self-signed.
From the FAQ, I have:
- Installed the hot fix from MS KB 885453 - Included the required OID 1.3.6.1.5.5.7.3.1 in the server certificate - Followed MS requirements for server certificates in KB 814394 The only way I can get this setup to work, is if I import my root certificate onto my client machine. Otherwise, I get the typical Access-Request and Access-Challenge back and forth. My question: Is importing the root certificate onto your client necessary when self-signing your own server certificate? If not, then I guess I'm still doing something wrong, but I would like to make sure before I continue to troubleshoot. Any help is greatly appreciated. Regards, Damian Davalos