EAP-TTLS works for MacOS supplicants but not Win10
Alan Buxey
alan.buxey at gmail.com
Thu Sep 17 19:21:44 CEST 2020
hi,
is any prompt to trust the cert coming up on the Windows 10 box? if
not, it really doesnt like it - the root CA must pass a few
requirements for windows 10 - eg not be SHA1, it must have a CRLDP RL
defined or somesuch too. regarding deployment - you really should be
looking at a deployment tool so that your config is secure (especially
with EAP-TTLS/PAP stuff as anyone doing a simple MiTM can just then
harvest user details trivially....have you heard of eduroam? you
might want to check that out as its a free service for academic
institutions but they also provide a nice , easy to use deployment
tool for free 9such things from commercial companies cost quite a bit)
alan
More information about the Freeradius-Users
mailing list