Multiply CA and CA-Chain not working in Freeradius2
Alan DeKok
aland at deployingradius.com
Thu Jan 18 20:26:41 CET 2018
On Jan 18, 2018, at 1:45 PM, Gladewitz, Robert via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
>
> i try to use tls with two ca. One ca have a CA chain and i concat all in one
> pem file. Then the following error can be found on authentication:
That's the client giving up on the server. It's not an error on the server.
> If I use both certiface in a own file, it will work fine for the configuring
> certificate.
Then that's the thing to do.
> Is thre same rules about ordering.
OpenSSL reads the certificate file in order.
> Or are certificate with different SHA hashes not compatible?
Since it works when they're in different files, they are compatible.
In the end.. upgrade to v3. It has a large number of things fixed. And, has some work-arounds for OpenSSL issues with auto-chaining of certificates.
Alan DeKok.
More information about the Freeradius-Users
mailing list