16 Jun
2008
16 Jun
'08
3:49 p.m.
Julian Stöver wrote:
I'm running Freeradius2 with EAP-TLS. I've created new certificates and putted them into my certs-dir. Radius starts with no errors. But if I try to login, I get this TLS Error: ...
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0467], Certificate --> verify error:num=18:self signed certificate rlm_eap_tls: >>> TLS 1.0 Alert [length 0002], fatal unknown_ca
You have given the client a self-signed certificate. You have given the server a completely *different* set of certificates. Since there is no common point of reference, the user cannot authenticate. You need to give the client a certificate that is signed by the server certificate. Alan DeKok.