Vista clients and EAP-TLS authentication - problem with certificates
Guest
Posts: n/a
Posts: n/a
use 802.1x EAP-TLS for authentication and TKIP encryption.
To do the authentication we have a pair of Windows Server 2003 R2 SP2
servers running IAS and also as an MS certificate authority (AD Integrated
root and subordinate).
This works perfectly for all sorts of laptops running windows XP however we
have recently bought a few Dell Laptops running Vista and they don't want to
connect.
The problem is that when we try and request a new digital certificate for
the user from the CA we get warnings about it not being compatible with this
version of windows so we can't request a certificate directly. I have read
the instructions on how to amend the CA's web interface with code from
Longhorn Server but haven't yet done this (No longhorn machines for a start)
, and as a work round we thought we can just request the cert using an XP
machine then export it and import into vista.
I don't think the wireless connection setup is as good on Vista as XP (it
seems to be overly simplified and the advanced settings are too well hidden)
but I have configured a client with the same settings as XP and when I try
and connect it informs me that I don't have a certificate , yet it's sat
there in my personal certificates store.
If I switch the client and RADIUS server to use PEAP instead of EAP-TLS then
I can connect OK as you'd expect.
So , is there any workround for this or something that I could be doing
wrong when I try and export the certificates from an XP to Vista machine?
Any suggestions gratefully appreciated.
--
Alex
New laptop - Sig missing
Threaded Mode
