I presumed that part, just not sure what exact role it plays in the server verification process, besides the obvious part where the entered FQDN has to match what the server cert has in it. Is it only that or does it play a role in the certificate chain hopping?
First of all this is a very good explanation of the whole process, makes a lot of sense so thank you for that!
Regarding the certificate chain - the client can always determine which authority signed the server certificate the server presents? If it can determine who the CA is, then the client...
No no, you mixed something up, my server cert is not public. My Certificate Authority is public, they are the ones signing my certificate. The point of that is that their CA certificates come preinstalled on smartphones so I don't have to distribute anything to my end users.
Greetings,
I am working on a enterprise authentication system for my company. Got a NPS (RADIUS) server configured to authenticate wireless clients using PEAP-MSCHAPv2. This method uses server certificates to verify the identity of the server the client is talking to. The NPS, whose name is...