WPA Certificate Question
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Sun Jan 31 20:11:09 CET 2010
Hi,
> to these servers" client field, just enter the 'common name' entered on
> the certificate? I wonder if a wildcard cert would work for this. As in
> *.myorg.ca, then entering *.myorg.ca for client servers field. Just asking
> because I have one of those.
depends on supplicant - some understand wildcards...some just need the
domain name to be specified
> In the README file there is this warning:
>
> "You will have to ensure that the certificate contains the XP
> extensions needed by Microsoft clients."
>
> But I can't find any further information about it. How do I ensure my
> certificate has these extensions? Would a CA signed cert have this?
check the FreeRADIUS certificate makefile - you can see the xpextensions
file and the required attributes. you can use the openssl tool to view
the certificate in text mode - whethr the CA will sign it - you
may have to request this functionality
alan
More information about the Freeradius-Users
mailing list