eap_peap: ERROR: TLS Alert read:fatal:unknown CA

L. Rose lists at lrose.de
Fri Nov 29 12:49:24 CET 2019

>    From the comments in mods-available/eap:
> 		#  This file should contain the server certificate,
> 		#  followed by intermediate certificates, in order.
> 		#  i.e. If we have a server certificate signed by CA1,
> 		#  which is signed by CA2, which is signed by a root
> 		#  CA, then the "certificate_file" should contain
> 		#  server.pem, followed by CA1.pem, followed by
> 		#  CA2.pem.

Thanks for the advise, I was able to fix the problem. I created a 
fullchain.pem containing the server certificate and all intermediate 
certificates, and now it works with all clients even on newer versions 
of freeradius. Thanks a lot!

Kind regards,

More information about the Freeradius-Users mailing list