TLS error

warp core warpcor at gmail.com
Tue Feb 14 16:20:26 CET 2006


I get a TLS_accept error when the server reads the client certificate.
All used certificates (client, server) were generated by the same CA
(OpenSSL).
What can it be wrong?
Can someone show a log with a successful EAP-TLS authentication?

from the freeRADIUS log-------------------------------------------
 TLS_accept: before/accept initialization
    TLS_accept: SSLv3 read client hello A
    TLS_accept: SSLv3 write server hello A
    TLS_accept: SSLv3 write certificate A
    TLS_accept: SSLv3 write key exchange A
    TLS_accept: SSLv3 write certificate request A
    TLS_accept: SSLv3 flush data
    TLS_accept:error in SSLv3 read client certificate A
-------------------------------------------------------------------------------

The authentication goes on and terminates with the following:

from the freeRADIUS log-------------------------------------------

TLS Alert read:fatal:certificate unknown
    TLS_accept:failed in SSLv3 read client certificate A
5294:error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert
certificate unknown:s3_pkt.c:1052:SSL alert number 46
5294:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake
failure:s3_pkt.c:837:
rlm_eap_tls: SSL_read failed in a system call (-1), TLS session fails.
rlm_eap_tls: BIO_read failed in a system call (-1), TLS session fails.




More information about the Freeradius-Users mailing list