<div dir="ltr">Hi, <div><br></div><div>Could anybody help me about EAP-TLS authentication?</div><div><br></div><div>I use freeradius-server-2.2.0 version, and openssl is installed and use glassfish.</div><div><br></div><div>
Configured eap.conf file (make default_eap_type = tls and update the tls certificate configs.)</div><div><br></div><div>Then, created certificates via "bootstap", "make" and "make client" commands. Import them to glassfish with keytool:</div>
<div><br></div><div>keytool -import -alias root -keystore keystore.jks -trustcacerts -file ca.der<br></div><div>keytool -import -alias client -keystore keystore.jks -trustcacerts -file client.crt<br></div><div><br></div>
<div>However, when I sent an eap-tls authentication request, I took following error:</div><div><br></div><div><div>[eap] EAP/tls</div><div>[eap] processing type tls</div><div>[tls] Authenticate</div><div>[tls] processing EAP-TLS</div>
<div>[tls] eaptls_verify returned 7 </div><div>[tls] Done initial handshake</div><div>[tls] <<< TLS 1.0 Handshake [length 0007], Certificate </div><div>[tls] >>> TLS 1.0 Alert [length 0002], fatal handshake_failure </div>
<div>TLS Alert write:fatal:handshake failure</div><div> TLS_accept: error in SSLv3 read client certificate B</div><div>rlm_eap: SSL error error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate</div>
<div>SSL: SSL_read failed in a system call (-1), TLS session fails.</div><div>TLS receive handshake failed during operation</div><div>[tls] eaptls_process returned 4 </div><div>[eap] Handler failed in EAP/tls</div><div>[eap] Failed in EAP select</div>
<div>++[eap] returns invalid</div><div>Failed to authenticate the user.</div><div>Using Post-Auth-Type REJECT</div></div><div><br></div><div><br></div><div>I read a lot about this issue, but I could not figure out what is missing.</div>
<div><br></div><div><br></div><div>Thanks & Regards,</div><div><br></div><div><br></div></div>