[ Re: eap-ttls failing]

Josh Hiner josh at remc1.org
Wed Jan 28 03:08:05 CET 2009


On Tue, 2009-01-27 at 23:05 +0100, tnt at kalik.net wrote:
> >Yes the cert is there, does report the correct oid etc.. etc.. Attached
> >is the client certificate I am using. I even went into the configuration
> >and made it so XP asks me to select my certificate manually. I select
> >the certificate manually and it still gives the same error as above
> >(Error in RegOpenKeyEx for base key, 2) etc.. Maybe there is still a
> >problem with the certificate but it all looks fine to me. Can you peak
> >at the cert for me? This is happening on all machines so there must be a
> >problem with it? When I install the cert it asks me for the cert
> >password which I type in (I use the password I put in the client.cnf
> >file). There should be an input and output password in client.cnf
> >correct? I'm at a loss.
> >
> 
> It is most likely a deliberate undermining of self-signed certificates.
> It looks wery much like this bug reported for machine certificates (user
> certificates weren't affected at the time).
> 
> http://social.technet.microsoft.com/Forums/en-US/itproxpsp/thread/ceaf827d-3cff-4a5f-a8e0-d32ac2bf9ea9/
> 
> Ivan Kalik
> Kalik Informatika ISP
Ug! For such a problem, I am not seeing anything come across the mailing
list. I would think that what I am doing is fairly popular? Why are more
people not complaining? This is too bad and if true, very poor.

-Josh
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list