Windows Phone CA verification debugging

A.L.M.Buxey at A.L.M.Buxey at
Mon Sep 16 10:22:39 CEST 2013


>    encountering some issues with those (yet quite rare) people with Windows
>    Phone  8 (WP8) systems.
>    WP8 devices are yet able to connect without (any) CA or common name
>    verification, but seem
>    to fail when I let them check the CA by choosing it from the device' CA
>    store. (As usual), the client-side error message is not helpful at all (it
>    fails to connect without any error message).

we've had no problems with self-signed CA or with 3rd party CA and standard
RADIUS certificate BUT the certificate must have CRLDP (CRL distribution point)
URL defined. that can either be at CA level or RADIUS level - or both.


crlDistributionPoints = URI:

in the server extensions.

the HEAD for 2.2.x and 3.x FreeRADIUS has the required change to the certificate
generating code for this if you want to check/validate/verify


More information about the Freeradius-Users mailing list