[RADIATOR] EAP TLS issues "routines:SSL3_READ_BYTES:tlsv1 alert access denied"
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Thu Feb 20 02:41:33 CST 2014
Hi,
> To make sure I'm on the same page with you, I'm guessing by "supplicant"
> you mean the wireless client (in this case a Windows 7 laptop)? There's no
> configuration that pops up immediately on that one. I tell it to connect
> to the network and it pops up a username / password dialog no other
> options to set.
yes, supplicant is the term used for the OS component that deals with the 802.1X
before dropping back to the main TCP/IP stack
you will be finding, as many '802.1X pioneers' before you - such as the eduroam
folk - how many varied clients and behaviours there are in the world.
Windows 8 and Windows Phone devices, for example, also require CRLDP field
to be present in the certificate chain (either in the server cert, or the CA
or both - doesnt matter....why??? why when there is no way it can validate that
cert until after its actually connected to the network? no-one knows...and noone
as far as I'm aware, from microsoft has explained or cleared the issue).
it could be that. by default, your chosen CA is not in the default known CA
list in Windows 7 - use the mmc snap-in , check the certs present in Trusted Root
etc to see if its there...some 'common' CAs only make it via eg windows update patches
alan
More information about the radiator
mailing list