Why does a Mac require a certificate with the Subject Alternate Name
08-20-2013 04:00 PM - edited 08-20-2013 04:01 PM
Yesterday I tried connecting a Macbook to our Aruba wireless. Our Aruba wireless uses eap-tls for authentication. I exported a working certificate (including the private key) off of my Windows machine, and put it on the Mac, but it didn't work. The NPS logs for the Macs auth were very different, with the security id field showing 'null sid'. I did a bit of Googling and found this link - https://supportforums.cisco.com/docs/DOC-15477
Following the advice in the link I created a certificate with a common name in the format of host/hostname, and the alternate subject name in the format hostname. Surprisingly it worked, which has confused me. Why does a Mac require a certificate in a different format than a Windows machine?