wyqjnm at gmail.com
Wed Apr 5 23:03:23 EDT 2006
Jouni Malinen wrote:
>On Thu, Mar 30, 2006 at 04:37:45PM +1200, Jacky wrote:
>>Thanks, in fact I am using wpa_supplicant on Linux. I manage to find
>>the current user's certifcate in the cert MMC.
>>However, when I try to export the certificate, I can not export the
>>private key. Also what format should I export it to (DER/Base-64/.P7B)?
>Can you enroll a new machine certificate and set it to allow private
>keys to be exporting during enrollment?
I am not sure, I am using certificate machine autorollment. Don't know
where to set the keys on the cert to be exportable.
However, this is not critical now. I think I can use PEAP instead of TLS
to authenticate wpa_supplicant if I can not use the client certificate.
Am I right? However, the question now becomes how do I find out the
password of the machine account that get created when an client machine
join a domain. So that I can use this password to put on to
wpa_supplicant's configuration to see if that would work.
Bryan, you mention "You could install a password-change-sniffer DLL on
the DC and get the password from it" , would you mind giving more
details on this?
More information about the HostAP