WildCard/Subject Alternative Names Cert Question

Casartello, Thomas tcasartello at wsc.ma.edu
Mon Apr 18 20:46:48 CEST 2011 

Well I was pounding my head against the wall on this as I couldn't find anything meaningful in the EAP logs. I then spoke to my CA about it and they said they've seen numerous problems with Wildcard certs and RADIUS, and that they normally just give a free normal common name cert for the RADIUS server when customers have this problem, so they gave me one. Seems like Microsoft's client just doesn't like their wildcard certs. When I put the normal cert they gave me into my FreeRADIUS server, it worked fine.

Thomas E. Casartello, Jr.
Staff Assistant - Wireless/Linux Administrator
Information Technology
Wilson 105A
Westfield State University

-----Original Message-----
From: freeradius-users-bounces+tcasartello=wsc.ma.edu at lists.freeradius.org [mailto:freeradius-users-bounces+tcasartello=wsc.ma.edu at lists.freeradius.org] On Behalf Of Casartello, Thomas
Sent: Saturday, April 16, 2011 9:58 AM
To: freeradius-users at lists.freeradius.org
Subject: RE: WildCard/Subject Alternative Names Cert Question

Ok thank you.

Thomas E. Casartello, Jr.
Staff Assistant - Wireless/Linux Administrator
Information Technology
Wilson 105A
Westfield State University

-----Original Message-----
From: freeradius-users-bounces+tcasartello=wsc.ma.edu at lists.freeradius.org [mailto:freeradius-users-bounces+tcasartello=wsc.ma.edu at lists.freeradius.org] On Behalf Of Phil Mayers
Sent: Saturday, April 16, 2011 5:36 AM
To: freeradius-users at lists.freeradius.org
Subject: Re: WildCard/Subject Alternative Names Cert Question

On 04/16/2011 02:42 AM, Casartello, Thomas wrote:
> When you say client EAP tracing do you mean on the Microsoft side, or

Yes

> is there something you can do on the freeradius side? When I lookup

No

> eap tracing I get information about generating Microsoft EAP host
> tracing files, but it's an in unreadable format (.etl) that only
> Microsoft can decode and I can't seem to find a way to make any sense
> of it. Do you mean some other kind of tracing?

You need to read them on a windows system, obviously. IIRC you need to 
use the "tracerpt" utility.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list