PEAP - Intermediate CA
Johan Meiring
jmeiring at pcservices.co.za
Thu May 14 15:20:11 CEST 2009
Alan DeKok wrote:
> Meyers, Dan wrote:
>> I was having this exact same problem for a significant period of time
>> when I bought a new Verisign cert for our servers which was chained (the
>> old one being directly root signed, which Verisign no longer do). It
>> would appear to be a bug/security patch in XP sometime after SP2 that
>> causes this.
>
> Ouch. That is evil.
>
> I've updated raddb/certs/README with various rants about this.
>
> Alan DeKok.
Might be usefull to add that the certificates we use (bought from
www.geotrust.com via opensrs) are directly root signed.
(Our web server certificates anyway - I assume the certificates
freeradius uses are the same kind)
Unsure whether you feel comfortable "advertising" anyone, but people
might want to know where to get a "directly signed" certificate.
--
Johan Meiring
Cape PC Services CC
Tel: (021) 883-8271
Fax: (021) 886-7782
More information about the Freeradius-Users
mailing list