Re: PEAP based 802.1x LAN authentication
From: Miroslaw Slawek Chorazy (mchorazy_at_depaul.edu)
Date: 04/06/05
- Previous message: Joe Tran: "RE: Windows Server 2003 Service Pack 1"
- Maybe in reply to: Rodrigo Blanco: "PEAP based 802.1x LAN authentication"
- Next in thread: Miroslaw Slawek Chorazy: "Re: PEAP based 802.1x LAN authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 06 Apr 2005 11:18:05 -0500 To: <rodrigo.blanco.r@gmail.com>, <focus-ms@securityfocus.com>
Im not sure if you mentioned specifically or not where the certificate
that you had obtained ended up being installed at ?
Is the certificate "siting" in the right container for the PEAP to find
it?
Is the certificate in the Computer or User Store?
slawek
>>> Rodrigo Blanco <rodrigo.blanco.r@gmail.com> 4/6/2005 10:42 >>>
Hello list,
I am currently trying to configure an Active Directory (w2K server)
both for windows auth and also as RADIUS server (IAS) for LAN 802.1x
authentication. I have successfully tried 802.1x with auth methods
such as PAP, CHAP... and now am trying to move to PEAP so I can have
joint AD/802.1x auth. with a single logon.
I should install MS CA and generate a certificate for the win2K server
acting as AD/IAS.
I do not want to use this CA, but openssl instead (XCA, in fact). With
this, I have created a certificate with key usage = Server auth and
installed both the CA certificate and this certificate through the
browser.
When I try to configure PEAP in the IAS Dial-in profile, I get an
error message stating: "A certificate could not be found that can be
used with this Extensible Authentication Protocol". I think some key
usage or extended key usage attributes must be missing, or that I have
created / installed the certificate wrong, but did not find the
problem.
Any help or ideas would be more than welcome.
Thanks in advance,
Rodrigo.
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Previous message: Joe Tran: "RE: Windows Server 2003 Service Pack 1"
- Maybe in reply to: Rodrigo Blanco: "PEAP based 802.1x LAN authentication"
- Next in thread: Miroslaw Slawek Chorazy: "Re: PEAP based 802.1x LAN authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
