[RADIATOR] EAP TLS and XP machine authentication
Markus Moeller
huaraz at moeller.plus.com
Fri Apr 23 04:33:31 CDT 2010
Hi,
I try to use 802.1x with XP and machine authentication. I can see the radius request with username host/<fqdn> and then I see the radius server failing because the CN nor the subjectaltname(= <fqdn> only) match the username.
Fri Apr 23 09:59:40 2010: DEBUG: Response type 13
Fri Apr 23 09:59:40 2010: DEBUG: Certificate Subject Name is /DC=com/DC=DOMAIN/O=TEST/CN=host1.domain.com
Fri Apr 23 09:59:40 2010: DEBUG: Checking subjectAltName type 2, value host1.domain.com
Fri Apr 23 09:59:40 2010: INFO: EAP TLS client certificate subject /DC=com/DC=DOMAIN/O=TEST/CN=host1.domain.com does not match
user name host/host1.domain.com at unknown or identity host/host1.domain.com
Fri Apr 23 09:59:40 2010: INFO: EAP TLS certificate verification failed: application verification failure, 14579: 1 - error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
What is the right way to configure Radiator or how should the certificate be created ?
Thank you
Markus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20100423/c3d4c3bb/attachment.html
More information about the radiator
mailing list