Multiple EAP-TLS modules with different certificates
Thibault Le Meur
Thibault.LeMeur at supelec.fr
Fri Apr 2 11:09:08 CEST 2010
Thank you for your prompt answer.
Alan DeKok a écrit :
> Yes. Others use multiple certs && multiple EAP modules.
Thanks for this answer, this confirms that I'm on the right way.
>> A quick look at FR debug logs confirms, as far as I can read them, that
>> the client is refusing the radius server certificate.
> I don't think that's in the debug log.
You're right it's not clearly writtent in the FR logs, but the fact the
TLS exchanges just stop at a given time help me suppose the origin of
the problem (which is confirmed bu reconfiguring the supplicant).
>> Is there a client tool to check which certificate is used by FR ?
> wireshark might do it.
You're right, I'll do this.
>> Have I missed something in the setup ?
> Did you test each piece in isolation before putting it all together?
No because I'm working on my production radius server and I didn't want
to break my old SSID (which I unintentionally did anyway for 5 minutes).
I'll make more tests and will triple check my setup now I know that it's
Many thanks again for your answer.
More information about the Freeradius-Users