meta data for this page
  •  

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
network:wifi:wpae:cert [2023/07/03 20:46] niziaknetwork:wifi:wpae:cert [2023/07/05 10:35] (current) niziak
Line 3: Line 3:
   * [[https://wiki.freeradius.org/guide/certificate-compatibility|   * [[https://wiki.freeradius.org/guide/certificate-compatibility|
 Certificate Compatibility]] Certificate Compatibility]]
 +  * [[https://learn.microsoft.com/en-US/troubleshoot/windows-server/networking/certificate-requirements-eap-tls-peap#server-certificate-requirements]]
 +  * [[https://wiki.geant.org/display/H2eduroam/EAP+Server+Certificate+considerations|EAP Server Certificate considerations]]
 +  * [[https://www.wi-fi.org/download.php?file=/sites/default/files/private/WPA3%20Specification%20v3.1.pdf|WPA3 Specification]]
 +  * [[https://wiki.alpinelinux.org/wiki/FreeRadius_EAP-TLS_configuration]]
  
 +===== Summary =====
  
-Windows client requirements: [[https://learn.microsoft.com/en-US/troubleshoot/windows-server/networking/certificate-requirements-eap-tls-peap#server-certificate-requirements]] +  * Windows client requirements:  
-  Server Authentication OID = ''1.3.6.1.5.5.7.3.1'' +    Must contains OID = ''1.3.6.1.5.5.7.3.1'' (TLS Web Server Authentication) 
-  * The name in the ''Subject'' line of the server certificate matches the name that's configured on the client for the connection. +    * The name in the ''Subject'' line of the server certificate matches the name that's configured on the client for the connection. 
-  * For wireless clients, the ''Subject Alternative Name SubjectAltName)'' extension contains the server's fully qualified domain name (FQDN).+    * For wireless clients, the ''Subject Alternative Name SubjectAltName)'' extension contains the server's fully qualified domain name (FQDN).