problem with CA certificate using mschapv2

marcos deconya at riseup.net
Wed Jan 21 12:38:31 CET 2015


Hi


For private content :-)
Public key 0x0C05942A895BD10E
FIngerprint 45B9 EC0B 58D5 B17C 8C37 95C3 0C05 942A 895B D10E

El 21/01/15 a las 12:26, Matthew Newton escribió:
> On Wed, Jan 21, 2015 at 11:10:23AM +0100, marcos wrote:
>> TLS Alert read:fatal:unknown CA
>>     TLS_accept: failed in SSLv3 read client certificate A
>> rlm_eap: SSL error error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1
>> alert unknown ca
>> SSL: SSL_read failed inside of TLS (-1), TLS session fails.
> The client has got a problem with the CA.
>
>> Looking radiusd.conf all seems to be correct, but Im using TERENA CA and
>> Im not sure which CA is the correct. Somebody knows how to concret the
>> error? Is not reading CA? CA is not valid?
> Is the CA cert (and all intermediate certs) installed on the
> client?
Yes, I was installing. The problem is that I don't know how to prepare
the CA certificate for the server part. Im using TERENA:
> If the intermediate certs are not installed on the client, are you
> sending them (in the right order) from the server?
Justly is the point where I don't know how to do. Only I discovered how
to add the CA, but no the Intermediate certificates. I need to prepare a
certificate joining all or I can mark different?

Thanks
> Matthew
>
>



More information about the Freeradius-Users mailing list