On Aug 2, 2023, at 9:07 AM, Maciej Kowalka <maciejkowalkati@gmail.com> wrote:
In the config:
Ca_file points to ca.pem Ca_path points to folder containing both ca.pem and intermediate.pem
That should be fine.
Auto_chain is set to “yes”
That might be OK. It's OpenSSL... it's hard to say.
Done c_rehash for the folder with certs, freeradius restarted, but in debug I still see the same warnings:
Warning: Certificate chain - 1 cert(s) untrusted Warning: (TLS) untrusted certificate with depth [1] subject name /C=PL/ST=MyState/O=MyOrg/CN=Intermediate CA Warning: (TLS) untrusted certificate with depth [0] subject name /C=PL/ST=MyState/O=MyOrg/CN=client
Either that's a different certificate than what is in the ca_path directory, or there's some OpenSSL magic going on. i.e. FreeRADIUS uses OpenSSL for certificate handling. If OpenSSL is complaining about certificates, there's really not a lot we can do. Alan DeKok.