Well, yes, there is. What I meant to say is, you need to set CA to a file which has all the certificates of the chain: ROOT_CA, Sub1_CA and Sub2_CA. When speaking to certificate files, I call the concatenated one "certificate chain file", but it's another concept: http://publib.boulder.ibm.com/infocenter/wmqv6/v6r0/index.jsp?topic=%2Fcom.i... 2012/4/25 jinx_20 <gabriel_skupien@o2.pl>
As I mentioned before CA_file in the eap.conf is set to ${cadir}/Sub2_CA_*entire_chain*.pem
Is there any difference between concatenated CA file and certificate chain?
Gabriel
-- View this message in context: http://freeradius.1045715.n5.nabble.com/EAP-TLS-Windows-7-Problem-with-chain... Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html