802.1x / EAP Validate Server Certificate

Hello,
Do any of you wireless / 802.1x experts know how to tell the CE EAP
supplicant, for example PEAP, not to validate the server certificate?

I'm using 802.1x with 802.11 (Zero Config service), and I have found the
registry keys and documentation for
HKEY_LOCAL_MACHINE/Comm/EAP/Extension/25/InvokeUserNameDialog etc.

I have also found the keys
HKEY_CURRENT_USER/Comm/EAPOL/Config/[your_SSID]/Password , etc.

However, I can find no way to tell it not to validate the server
certificate. (A very bad security practice, I know, but one some
customers/consumers demand.)

(Also I'm not sure how the PEAP password is encoded, but I'm guessing
regular NT hash.)



Thanks for any pointers.

Best regards,

Erik


.

Relevant Pages

  • Re: 802.1x / EAP Validate Server Certificate
    ... The WZC user interface has a checkbox for doing the server certificate ... supplicant, for example PEAP, not to validate the server certificate? ...
    (microsoft.public.windowsce.embedded)
  • Re: WZCSVC & "Trusted Root Certification Authorities"
    ... When you look at the WZCSVC interface, you have the option to validate the ... You also have the option to select a trusted root CA. ... > We recommend validating server certificate always it's ...
    (microsoft.public.internet.radius)
  • Re: 802.1x / EAP Validate Server Certificate
    ... Wish there was more documentation, but this source code should work. ... Best regards, ... supplicant, for example PEAP, not to validate the server certificate? ...
    (microsoft.public.windowsce.embedded)
  • CRL extension period
    ... still trying to validate the DC Cert and displays an error on the cert ... Do I need to apply a patch to use those registry keys? ...
    (microsoft.public.dotnet.security)
  • IAS not authenticating users
    ... I use IAS with PEAP to authenticate wireless users, my server certificate had expired, so I deleted the expired one and issued a new one. ...
    (microsoft.public.windows.server.networking)