<div dir="ltr">Hi,<div><br></div><div>Thanks for the reply.</div><div>Now TLS connection is established.</div><div>I get following error after 33seconds and sockets will be closed.</div><div><br></div><div><div>waking up in 29.4 seconds.</div><div>Reached idle timeout on socket auth from client (10.253.6.11, 1645) -> (*, 2083, virtual-server=default)</div><div> ... shutting down socket auth from client (10.253.6.11, 1645) -> (*, 2083, virtual-server=default)</div><div>Waking up in 2.9 seconds.</div><div>... cleaning up socket auth from client (10.253.6.11, 1645) -> (*, 2083, virtual-server=default)</div></div><div><br></div><div>I have changed idle_timeout period to 0 from 30.(in tls and default file)</div><div>According to my understanding 0 means infinite.</div><div>So sockets and conenction has to be up for infinite amount of time.</div><div>Please Correct me if I am wrong!</div><div><br></div><div>Thanks,</div><div>Kavya</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Oct 16, 2014 at 3:30 PM, <span dir="ltr"><<a href="mailto:freeradius-users-request@lists.freeradius.org" target="_blank">freeradius-users-request@lists.freeradius.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Send Freeradius-Users mailing list submissions to<br>
<a href="mailto:freeradius-users@lists.freeradius.org">freeradius-users@lists.freeradius.org</a><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
<a href="http://lists.freeradius.org/mailman/listinfo/freeradius-users" target="_blank">http://lists.freeradius.org/mailman/listinfo/freeradius-users</a><br>
or, via email, send a message with subject or body 'help' to<br>
<a href="mailto:freeradius-users-request@lists.freeradius.org">freeradius-users-request@lists.freeradius.org</a><br>
<br>
You can reach the person managing the list at<br>
<a href="mailto:freeradius-users-owner@lists.freeradius.org">freeradius-users-owner@lists.freeradius.org</a><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of Freeradius-Users digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
1. Re: Beginner help (<a href="mailto:A.L.M.Buxey@lboro.ac.uk">A.L.M.Buxey@lboro.ac.uk</a>)<br>
<br>
<br>
----------------------------------------------------------------------<br>
<br>
Message: 1<br>
Date: Thu, 16 Oct 2014 08:48:30 +0000<br>
From: <a href="mailto:A.L.M.Buxey@lboro.ac.uk">A.L.M.Buxey@lboro.ac.uk</a><br>
To: FreeRadius users mailing list<br>
<<a href="mailto:freeradius-users@lists.freeradius.org">freeradius-users@lists.freeradius.org</a>><br>
Subject: Re: Beginner help<br>
Message-ID: <<a href="mailto:20141016084830.GA25352@lboro.ac.uk">20141016084830.GA25352@lboro.ac.uk</a>><br>
Content-Type: text/plain; charset=us-ascii<br>
<br>
Hi,<br>
<br>
> I generated .csr using openssl command and used this csr to generate CA<br>
> signed certificate. I installed this CA signed certificate under trusted<br>
> root of server. But when I run freeradius in debug mode, I get the<br>
> following error:<br>
<br>
eap.conf (2.x) or mods-enabled/eap files give clear documentation<br>
on the cert files etc required. the FreeRADIUS system comes with fully documented<br>
information about certificate generation and requirements<br>
<br>
<br>
but your error looks like the client is using the wrong CA when talking to the RADIUS<br>
server<br>
<br>
please use the history feature of the users mailing list to see exactly this same issue<br>
talked about many many times over the past years<br>
<br>
alan<br>
<br>
<br>
------------------------------<br>
<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
<br>
End of Freeradius-Users Digest, Vol 114, Issue 50<br>
*************************************************<br>
</blockquote></div><br></div>