Hi Not sure if your just having issues with the OID or something else, but I found the thread really helped to fix cert issues I had. http://lists.cistron.nl/pipermail/freeradius-users/2006-October/msg00515.htm... . I used the MS cert server as described in this listing as well as used our Novell Cert server and both worked for issuing a Cert that MS clients will accept. I am sure OpenSSL can do it to just never looked far enough into it to see the exact syntax. Hope this helps. Brett Littrell Network Manager MUSD CISSP, CCSP, CCVP, MCNE
On Monday, February 07, 2011 at 7:27 AM, in message <00a301cbc6db$90153ec0$b03fbc40$@it>, Domenico Viggiani <dviggiani@tiscali.it> wrote:
if you do, then its your loss and you'll be limited for the future of your infrastructure.
use freeRADIUS - after all, at least it will give you information and debug detailed information....when NPS goes wrong...well, good luck. I understand very well: I used older M$'IAS and it offered NO debug info at all!
this is probably a trivial issue - how did you create your CA? how did you sign the radius CRT/PKCS12 file? I used the self-generated certificates, at first startup of Freeradius service (installed from Red Hat "official" RPM package, not compiled).
What else can I do? A client PC with an OS different from XP? -- DV - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html