Supplicant used different EAP type 13: (TLS)
Jouni Malinen
j
Fri Mar 28 03:00:11 PDT 2008
On Mon, Mar 24, 2008 at 08:10:50PM +0100, Chr wrote:
> Well if I select "Smartcard or other certificate" and press "Properties" then
> there's a checkbox like "Verify Server certificate" (or something like that,
> I don't have the any English XP SP2)... ?
> hostap-0.5.10-default: --- this is with Win XP default config
> ????????????????????????????????????????+ various reconnects
> hostap-0.5.10-nondefault: --- "Verify Server certificate" disabled
> ????????????????????????????????????????- (connects & work fine!)
In the -default case, it looks like the client is sending out TLS alert
after successful certificate validation. This is a bit odd time to send
the alert, but maybe this is something that WinXP does with certain
types of certificate validation steps fail. I would guess that this is
caused by missing Server Authentication (OID 1.3.6.1.5.5.7.3.1) as
Enhanced Key Usage in the server certificate. Please take a look at
http://support.microsoft.com/kb/291010.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list