On Wed, 2007-04-04 at 22:16 +0100, Arran Cudbard-Bell wrote:
Is it really just as simple as creating the certificate, signing it with the right extensions, installing the proper rootCA on the windows machines , and configuring the windows supplicant correctly ?
Pretty much. As long as you have the proper IP address for the AP in your clients.conf, which was my particular stupidity :) Still, it seems to work for me.
Which would be
In authentication tab Enable IEEE 802.1x authentication for this network Setting EAP Type to PEAP
In properties Validate server certificate Authentication method EAP-MSCHAP v2 Checking the Root CA the certificate was signed with .
In Configure Automatically use my windows logo name and password unchecked.
I am using both client and server certificates, so the logon and password is not currently needed -- for me. -- Ian Truelsen s/v Sting Email: ian.truelsen@gmail.com AIM: ihtruelsen MSN: ihtruelsen@hotmail.com Google Talk: ian.truelsen@gmail.com