No EAP-TLS with XP SP3 ?

Alexandros Gougousoudis gougousoudis-list at
Fri Jan 16 15:43:29 CET 2009

Hi Alan,

A.L.M.Buxey at schrieb:
> if you had a working 1.1.0 system then you could upgrade quickly
> to 1.1.7 - same config etc etc - and then spend 'offline-time' getting
I thought it's working, but it isn't. I upgraded to 1.1.6 from 1.1.0, 
same setup, but XP SP3 doesn't authenticate against Freeradius. Though I 
don't think it's a problem of Freeradius, because radiusd -X shows no 
requests from the XP machine. We had that a couple of years ago, when XP 
couldn't determine which certificate to use. But using the right 
extended-usage keys solved the problems. The new 802.x service is of 
course set to automatic and it's running.

If I downgrade my machines to SP2, radius works immediately. So I think 
the cert creation differs from old XP. Are there any hints about it? I 
googled for Vista and Freeradius or SP3, but most information is not for 
eap-tls, not for machinebased authentification or prior Vista or SP3.

Is XP SP3 somewhere running with EAP-TLS (machine based 
authentification)? What can I do?


More information about the Freeradius-Users mailing list