(RADIATOR) SSL certificate for 802.1x PEAP/aironet1100 WLAN

Terry Simons galimore at mac.com
Thu Jul 29 00:14:47 CDT 2004 

Hi,

On Jul 28, 2004, at 1:32 PM, Christian Wiedmann wrote:

> As far as I know, the XP server extension OID is the one that is also
> used for web servers.  Therefore, a web server certificate should work.

This is true.  There is one thing that people should probably be aware 
of, however.

At the last Networld + Interop HotStage, we did some extensive testing 
with this and it was determined that what should probably happen is to 
officially apply for some OIDs for 802.1X authentication servers.  One 
of the HotStage members that is involved in the IETF and the IEEE is 
pushing that a bit, so it could be the case that a "proper" OID set 
will come out in the future.  It could be a ways out, but I personally 
hope that it happens so we can have an "official" way of creating 
"802.1X authentication" certificates.

- Terry

>
> For what it's worth, I've successfully used a Verisign web server 
> certificate
> for PEAP authentication against Windows XP SP1.  I think there's a good
> chance a freessl certificate would work too.
>
> 	-Christian
>
> ref.:
> http://support.microsoft.com/?kbid=814394
> http://www.alvestrand.no/objectid/1.3.6.1.5.5.7.3.1.html
> http://www.ietf.org/rfc/rfc2459.txt
>
> On Wed, 28 Jul 2004, Mike McCauley wrote:
>
>> Date: Wed, 28 Jul 2004 19:35:44 +1000
>> From: Mike McCauley <mikem at open.com.au>
>> To: scottxiao at antlabs.com
>> Cc: Radiator <radiator at open.com.au>
>> Subject: Re: (RADIATOR) SSL certificate for  802.1x PEAP/aironet1100 
>> WLAN
>>
>> Hi Scott,
>>
>>
>> On Wednesday 28 July 2004 18:41, Scott Xiao  - ANTlabs wrote:
>>> Hi,Mike,
>>> Thanks, so do you have any suggestion that I can purchase regarding 
>>> the
>>> cert for radius server?Verisign?which type?If you have any 
>>> recommendation
>>> that it works well on Radiator....Thanks
>>
>> Verisign offer certificates for radius servers, but I dont know the 
>> details of
>> how to apply for one. They do work with Radiator. You should try to 
>> get it in
>> PEM format.
>>
>> Cheers.
>>
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list