NoteHKLM\SYSTEM\CurrentControlSet\Services\RasMan\PPP\EAP\13
| Data type | Range | Default value |
|---|---|---|
| REG_DWORD | 0 | 1 | 0 |
Lets EAP-TLS clients connect even when a server that stores a relevant revocation list is not available on the network.
By default, EAP-TLS does not permit clients to connect unless it can complete a revocation check of their certificate chain and verify that none of the certificates has been revoked. When it cannot connect to a server that stores a revocation list, EAP-TLS considers the certificate to have failed the revocation check. However, you can add this entry to the registry to direct EAP-TLS to ignore errors related to unavailable servers.
This entry prevents a client from being denied permission to connect because poor network conditions prevented their revocation check from completing successfully.
| Value | Meaning |
|---|---|
| 0 | The server considers a certificate to have failed the revocation check when it cannot connect to a server that stores a revocation list. |
| 1 | When the server connect to a server that stores a revocation list, it ignores the error and permits the client to connect. |
Note
This entry is effective only when it appears in the registry of a RRAS server.
Windows 2000 does not add this entry to the registry. You can add it by editing the registry or by using a program that edits the registry.
Related Entries
