Windows Phone CA verification debugging
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Mon Sep 16 10:22:39 CEST 2013
Hi,
> encountering some issues with those (yet quite rare) people with Windows
> Phone 8 (WP8) systems.
> WP8 devices are yet able to connect without (any) CA or common name
> verification, but seem
> to fail when I let them check the CA by choosing it from the device' CA
> store. (As usual), the client-side error message is not helpful at all (it
> fails to connect without any error message).
we've had no problems with self-signed CA or with 3rd party CA and standard
RADIUS certificate BUT the certificate must have CRLDP (CRL distribution point)
URL defined. that can either be at CA level or RADIUS level - or both.
eg
crlDistributionPoints = URI:http://yoururl.here/ca.crl
in the server extensions.
the HEAD for 2.2.x and 3.x FreeRADIUS has the required change to the certificate
generating code for this if you want to check/validate/verify
alan
More information about the Freeradius-Users
mailing list