Re: EAP-TLS Certificate Validation

Peter Boosten wrote:


Well, I must admit it was a short one :-)
I tried this with my own signed certificates. Should make no difference
since I imported both root certificates in my workstation.

So my answer was based on my own experience, not based on any published
material. Sorry...

Peter

Peter,
Thanks much. So are you saying that based on your experience, both the
server and user must have certificates issued by the SAME CA chain in
order for EAP-TLS to authenticate successfully. Merely having trusted
CA's in each respective store for mutual exclusive CA chains is not
good enough?

Anyone else have any hard proof for this? Thanks

.

Relevant Pages

  • Re: TLS Verification
    ... not the chain is valid from within the default callback, ... connecting to each other, and each doing cert verification on the other, ... # self-signed certificates ... # are no longer needed -- either after the connection has been ...
    (comp.lang.tcl)
  • Re: Certificate Authentificatoin wont run on IAS
    ... the same "not trusted by the policy provider" msg on my IAS box. ... only the clients with certificates from a specific CA are causing the ... suddenly worked -- you are validating on a new cert chain. ...
    (microsoft.public.internet.radius)
  • Re: Creating PKCS#7
    ... still I need some guide to create the PKCS7 with certificates in it and ... and I want to put the full chain in the PKCS7 ... >> Can you use CAPICOM as it offers much easier interface to create Signed ...
    (microsoft.public.platformsdk.security)
  • Re: GnuPG vs Digital Certificates?
    ... Both techniques (GPG/PGP and Digital Certificates) have it's own uses, ... When using a GPG/PGP system you choose to trust individuals, ... certification chain. ...
    (Security-Basics)
  • Re: Standalone or Enterprise CA
    ... >> computer you must also select to export the private key and include all ... By exporting all certificates in the chain you are able to ...
    (microsoft.public.windows.server.security)
Loading