We have just renewed our certificates on our servers, and windows clients are unable to authenticate.
Without having to select “Validate server certificate” in a wireless profile, Windows usually presents a security box informing you that the certificate may no be trusted and / or is not bound as the root anchor. From there you can continue and access is granted. However, since implementing our new certificates, Windows7 is not presenting any warnings, the radiator log files continue with challenges and requests continually. Windows8 just rejects the authentication outright: Thu Jun 12 11:05:43 2014: ERR: EAP PEAP TLS read failed: 19984: 1 - error:14094419:SSL routines:SSL3_READ_BYTES:tlsv1 alert access denied Thu Jun 12 11:05:43 2014: ERR: EAP PEAP TLS read failed: 19984: 1 - error:14094419:SSL routines:SSL3_READ_BYTES:tlsv1 alert access denied If I take our original certificate that DOES work with Windows7 / 8, and I remove the PrivateKeyPassword or change it, I get the same behaviour on both OS’s. So.. two things are likely the culprit, either the private key provided to create the cert is wrong… or Radiator limits what characters can be used for the private key. Any assistance would be grateful Michael Hulko Network Analyst Western University Canada Network Operations Centre Information Technology Services 1393 Western Road, SSB 3300CC London, Ontario N6G 1G9 tel: 519-661-2111 x81390 e-mail: mihu...@uwo.ca
_______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
