On 8/30/06, Tilen <lutemberg@gmail.com> wrote:
Ok i really don't get it. I made all certificates myself using only openssl (no scripts) and entered path to them in TLS part of the eap.conf file. CA, server cert.., everything is there in the same directory (in my case - CERTS, with big letters) (how would i sign certificate if i wouldn't create CA first?). And i don't have CA.all file at all :\ Files i'm using: cacert.pem <-- this is my CA cakey.pem newcert.pem <-- and this is my server cert newcert.req
Your supplicant is sending an TLS Alert Message, because _it_ cannot find a CA certificate. What you are talking about is the freeradius side of things which looks alright at first glance. And if you don't get it to work, please first check with demo certficates to be generated by the CA.all script. hth K. Hoercher