Karthik R wrote:
I'm trying to configure freeradius2.0.3 to authenticate wireless users against AD.
You should probably use 2.0.4, for a number of reasons.
Installed CA.der certificate alone on the windows xp supplicant, i didnt generate individual client certificate as i dont want the users to be have less task to configure wireless . As per my understanding and in previous freeradius it worked this way installing root.der certificate alone and without individual supplicant certificate.
Yes.
I'm unable to authenticate the users against AD. can someone throw some light here. Attached the log message. ... routines:SSL3_SEND_SERVER_KEY_EXCHANGE:missing tmp rsa key rlm_eap_tls: SSL_read failed in a system call (-1), TLS session fails.
Weird. I've never seen that before. It looks like the Windows machine is not doing all of the SSL exchange. Try un-checking "validate server certificate" on the Windows box. It's not a good idea for production use, but it may help for testing. Alan DeKok.