Create a PEAP Certificate using OpenSSL for use with IAS on an Aironet1200

Discussion in 'Cisco' started by Wil, Aug 25, 2005.

  1. Wil

    Wil Guest

    Has anyone been able to actually make this happen? Looks like there are
    a couple of "Bag Attributes" that IAS requires for a PEAP certificate. I
    for the life of me cannot get a certificate generated using OpenSSL.
     
    Wil, Aug 25, 2005
    #1
    1. Advertisements

  2. Hi Wil,

    You may wish to investigate Cisco Wireless TAC Case Solution #
    K17306437.

    How to enable Protected Extensible Authentication Protocol ( PEAP ):

    http://129.41.16.73/wireless/showcase?case=K17306437

    Hope this helps.

    Brad Reese
    BradReese.Com Cisco Repair Service Experts
    http://www.bradreese.com/index.htm#EXPERTS
    1293 Hendersonville Road, Suite 17
    Asheville, North Carolina USA 28803
    USA/Canada Toll Free: 877-549-2680
    International: 828-277-7272
    United Kingdom: 44-20-70784294
     
    www.BradReese.Com, Aug 25, 2005
    #2
    1. Advertisements

  3. Wil

    Wil Guest

    I appreciate the info, unfortunately that is client side... The client
    side will be handled via PKI when all is complete.

    I suppose this is probably more of an OpenSSL question, but I figure
    enyone here that has used PEAP has gone through this process.

    Basically I need to set the Bag Attributes as follows:

    Crypto Graphic Service Provider (oid=1.3.6.1.4.1.311.17.1) set to
    'Microsoft RSA SChannel Cryptographic Provider'

    LocalKeySet (oid=1.3.6.1.4.1.311.17.2) set to an empty string.

    Wil
    my 3ยข
     
    Wil, Aug 25, 2005
    #3
  4. Wil

    SecPer

    Joined:
    Nov 18, 2008
    Messages:
    1
    Likes Received:
    0
    Hi ,

    In this website "codealias.info" there is a guide "PKI SSL certificate management with OpenSSL" that I used to create certificates for the hostapd RADIUS server. It works perfectly. I dont know about IAS, but it should work.

    "codealias.info/technotes/manipulating_pki_certificates"

    Hope it helps.
     
    Last edited: Nov 18, 2008
    SecPer, Nov 18, 2008
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.