I have tested selfsing certificate, it works. I had to copy the ca.cert into windows client.
Pretty much what this link describes.
Now, i have signed certificate from our CA added into eap.conf then imported ca.pem into windows machine. 7 machine and try to authenticate, it always fails. but If I check off the validate server certificate on M$$$$$client machine it works.
I have following in my eap.conf
tls {
certdir = ${confdir}/certs
cadir = ${confdir}/certs
private_key_file = ${certdir}/myhost.example.key
certificate_file = ${certdir}/myhost.example.crt
CA_file = ${certdir}/ca.pem
dh_file = ${certdir}/dh
random_file = /dev/urandom
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
}
freeradius version is freeradius-2.1.10-5.el6.x86_64 and Red Hat Enterprise Linux Server release 6.1
This M$ is giving me nightmare :)
any idea on this would be great