Hi,
I am trying to setup freeraadius in eap-tls mode. I am using freeradius as a server and wpa-supplicant as a client. I have installed both packages in Ubuntu-14.04.3. I am using the sample certificates provided along with freeradius package. I use the script bootstrap provided in */freerad/raddb/cert* . I donot know if this script properly signs the certificate or not as i am not an expert in this area. I simply provide the paths to these certificates in client.conf to freeradius and configuration file in wpa-supplicant. Following is the wpa-supplicant configuration i am using
okay
network={
ssid="YOUR-SSID" scan_ssid=1 key_mgmt=WPA-EAP eap=TLS identity="alice" ca_cert="/home/areh/freeradius-server-3.0.11/raddb/certs/ca.pem" client_cert="/home/areh/freeradius-server-3.0.11/raddb/certs/client.pem" private_key="/home/areh/freeradius-server-3.0.11/raddb/certs/client.key" }
okay the private key should also be in the pem file as well - but these are protected by password and you dont have a password option in the config - so you'll need to convert the file to not be password protected (the output clearly shows password problem ) also.....at this point you need to show us the debug output of freeradius, not the wpa_supplicant output - we need to see the problem at the server end. many thanks alan