none
Windows Embedded/CE and 802.1x certificates RRS feed

  • Question

  • Hi guys,

    Hope this is the right Subforum ^^"

    We have a little Problem with 802.1x.

    Heres the Situation.

    Currently we try to Setup some Motorola Handscanners with 802.1x authentication so they can connect to our W-Lan.

    The Handscanners are using Windows Embedded 6.5 and Windows CE 6.

    We did already import the certificates but it seems they are not sent to our Radius Server.

    Everytime the Handscanner connects and the WLAN Login Page appears.

    Asking for a Username and Domain.

    The Logs of Radius are showing that the device is trying to sent a Username and Password instead of the Certificate it should send.

    How can i change this behaviour?

    Kind Regards,

    PSC

    Thursday, October 31, 2013 2:48 PM

All replies

  • I'm not sure what you mean by Windows Embedded 6.5 but I'll read that as "WEH 6.5"...

    What authentication method is supported by your server? LEAP, PEAP, something else? Depending on how exotic the authentication, it's possible that CE does not have that EAP client. We'll have to return to this.

    Can you make a manual connection to the server using the target certification and appropriate credentials? Remember that the certificate may simply allow the client to connect, not replace user name and password.

    If you can create the connection manually via the user interface but the setting does not "stick" after a reboot, we can address that.

    If you can't make the connection manually, you have an OS issue with the components built into the device OS or with the authentication method of the server and will have to work that through the device vendor and RADIUS server manager.

    Paul T.

    Friday, November 1, 2013 3:23 PM
  • Hi Paul,

    thanks for the reply. No i can not make a connection through the Import (Fetch certificate from Server) function since the Certificate is used to authorize the device to the Server. The Radius Server has no user accounts stored on it. So a manual connection wouldnt work either. Its just working via the certificates.

    The Method to authorize is WPA2 Enterprise EAP-TLS with an Installed User Certificate.

    No installed Server Certificate, No Username and Password given, prompt for Login is set to off Encryption AES and Allowing WPA 2 Mixed Mode.

    Kind Regards,

    Patrick

    Monday, November 4, 2013 7:42 AM
  • So my point was "can you establish a connection using the normal Windows CE WiFi user interface?" If you can't, nothing that you do with certificates or configurations will work. It means that either you don't have the right EAP client built into your target device or Windows CE doesn't offer the right EAP client.

    If you can manually connect via the user interface, then you can set up the device to connect automatically.

    Paul T.

    Monday, November 4, 2013 3:19 PM
  • Hi Paul,

    thanks again for the answer.

    So i can connect to a different network without Problems if thats what you meant. I can not connect to the Network i want to use the Certificate for since from my understanding and from what i read Windows Mobile needs to be connected once via User and Pass before the use of an certificate is working. Unfortunately our Wifi is only working with certificates there is no user nor a password set which is working fine with iphones and Android Smartphones.

    I hope that answered your questions this time ^^"

    Kind Regards,

    Patrick

    Tuesday, November 5, 2013 7:29 AM
  • I see this is an older discussion, but I'm having similar issues.

    I currently have all three of my handhelds connected via the WPA2 Certificate-based authentication, but it was a major challenge to get them to do so.  Unfortunately, I tried so many things over a 2-week period that I'm having difficulty recreating the process.

    I've attempted to have the device download the certificate, no success.  I've manually placed the certificate on the device, and still no connection.  Somehow or another, eventually I was able to get them to connect.

    None of the ios-based devices or android devices have this problem, just the Windows Embedded devices (connecting to a Windows-based RADIUS Server and a Windows-based NPA Server.  Go figure.  

    Does anybody know the "magic sequence of events" to connect properly on the first try?  Once connected, they're trouble-free, but setting up new devices is a pain.  Again, no issues with ANY OTHER device, just the Windows Embedded.  WPA2-Enterprise, PEAP


    • Edited by chryssmt Wednesday, April 5, 2017 4:35 PM
    Wednesday, April 5, 2017 3:48 PM