I generated .csr using openssl command and used this csr to generate CA signed certificate. I installed this CA signed certificate under trusted root of server. But when I run freeradius in debug mode, I get the following error:
(0) <<< TLS 1.0 Handshake [length 0208], Certificate
--> verify error:num=20:unable to get local issuer certificate
(0) ERROR: SSL says error 20 : unable to get local issuer certificate
(0) >>> TLS 1.0 Alert [length 0002], fatal unknown_ca
(0) ERROR: SSL says: TLS Alert write:fatal:unknown CA
(0) ERROR: SSL says: TLS_accept: error in SSLv3 read client certificate B
(0) ERROR: SSL says: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
SSL: SSL_read failed in a system call (-1), TLS session fails.
(0) FAILED in TLS handshake receive
Closing TLS socket from client port 1645
Client has closed connection
... shutting down socket auth from client (10.253.6.11, 1645) -> (*, 2083, virtual-server=default)
Debug says "fatal unknown_ca". I think I should be adding CA information somewhere in the server. Could anybody please guide me on the same.
I would like to know where am I going wrong.