Trusted CA, Signed Certs and Verification

Alan DeKok aland at deployingradius.com
Fri Apr 4 21:09:54 CEST 2014


Sam Fakhreddine wrote:
> When I run radius -X everything works normally and the config file loads those files, and yet I still get "server identity cannot be verified" even though the entire chain is available there. 
> 
> I can verify with openssl verify that my certificate and my chain are OK

  Then the device is broken.  See if there's any debugging *it* has
which can help.

  Also, try using eapol_test, as suggested on my web site:

http://deployingradius.com

  If eapol_test works, then you KNOW the device is broken.  The
eapol_test program is just about perfect.  It will either work, or will
give useful error messages.

  Alan DeKok.


More information about the Freeradius-Users mailing list