Am 05.04.2011 07:31, schrieb Stefan Winter:
Hi,
The solution to the problem is simple. The answer is in front of you.
Alan DeKok.
Looks like i'm blind...please give me a hint ;-) Dude... supplicants are typically configured to trust only the exact one certificate that is in the RADIUS Server (CN=... is in the supplicant conf). If you change the Subject in the cert... the supplicant won't like it any more.
Stefan
OK, once again; i have cloned a radius-server vm, the new radius-server has a new DNS-Entry, IP and a new certificate. The wlan-ssid is different from that one wich is used by the original radius. I checked both certificates, they match the requirements given by microsoft. The certificates are both singed by same CA, with same O,OU, hash-algorithm, key strength... CN is logically different and is set to host and dns name (are the same) from the new radius, like: CN=new-radius.mydomain.mycountry The complete certification path is installed on the client. The client don't have an extra client certificate, server certificate check is turned off in wireless settings. A cisco wireless controller is used for both SSIDs. Original radius works fine, with both SSIDs, new radius does not. So what's wrong? Juergen