[SOLVED] 802.1x auth EAP-TLS problem

Christ Schlacta lists at aarcane.org
Wed Jun 29 02:52:25 CEST 2011


On 6/28/2011 01:52, Marco Londero wrote:
> On Tue, 28 Jun 2011 10:28:45 +0200, Alan DeKok<aland at deployingradius.com>
> wrote:
>
>> Use the correct certificates.
> I re-generated client certificate and signed it w/ CA one instead of
> server (default Makefile conf) and worked.
>
> Sorry for the noise.
>
>
I always thought it was odd that the default makefile tried to sign the 
client certificate with the server certificate without the server 
certificate being signed with CA properties of any sort.  I thought it 
was some advanced chained root thing, but I never got it to work even 
once, so I wrote my own, but it sucks.  I think it may be a bug, and you 
just reminded me of that.  someone who knows what they're actually on 
about should investigate that and see if it needs fixin' or filin'.



More information about the Freeradius-Users mailing list