Supplicant used different EAP type 13: (TLS)
Jouni Malinen
j at w1.fi
Fri Mar 28 06:00:11 EDT 2008
On Mon, Mar 24, 2008 at 08:10:50PM +0100, Chr wrote:
> Well if I select "Smartcard or other certificate" and press "Properties" then
> there's a checkbox like "Verify Server certificate" (or something like that,
> I don't have the any English XP SP2)...
> hostap-0.5.10-default: --- this is with Win XP default config
> + various reconnects
> hostap-0.5.10-nondefault: --- "Verify Server certificate" disabled
> - (connects & work fine!)
In the -default case, it looks like the client is sending out TLS alert
after successful certificate validation. This is a bit odd time to send
the alert, but maybe this is something that WinXP does with certain
types of certificate validation steps fail. I would guess that this is
caused by missing Server Authentication (OID 1.3.6.1.5.5.7.3.1) as
Enhanced Key Usage in the server certificate. Please take a look at
http://support.microsoft.com/kb/291010.
--
Jouni Malinen PGP id EFC895FA
More information about the HostAP
mailing list