What kind of error in client-cert using EAP?
Alexandros Gougousoudis
gougousoudis at kh-berlin.de
Thu Sep 21 12:58:15 CEST 2006
Hi,
it works now. Thanks Thibault, you saved my day, again! :-)
> - the extension SubjectAltName must contain the Netbios name of the PC
> (I think)
This had no meaning in my tests. Anyway, there must be chosen a type of
that field. Did you take DNS-Name, Email or Raw? I took now DNS-Name,
but in another case there was an email in that field and the systems
authetifies without problems. So I think you can leave this field out.
> I've seen that you integrate the emailaddress in the subject (an option
> in TinyCA): can you disable this ?
Yupp, this was the mistake. It is somehome on by default. I switched it
off and created new certs as you wrote and the XP Machine works now too.
Hell, I gonna print your mail and hang it in front of me.
> This is ok, but are the certificates _exactly_ generated in the same way ?
Obiously not. As I made the same mistake over and over again. I have now
only the problem of one W2K Machine, not even asking the Radius-Server.
I assume it's some kind of inkompatibilty of drivers or NIC.
Thanks for your help:
Have that for your trouble: http://www.engelbraeu.de/images/bierkiste.gif
cu
Alex
--
ServiceCenter IT - Alexandros Gougousoudis (Leiter)
Gemeinsame Einrichtung der Kunsthochschule Berlin-Weissensee, Hochschule
für Musik "Hanns Eisler" und der Hochschule für Schauspielkunst "Ernst
Busch".
Tel.: 030 / 477 05 - 444 * Fax.: 030 / 477 05 - 445
More information about the Freeradius-Users
mailing list