That's what I thought as well. Configured 1 file with cert + intermediate CA + root ca in that order, using it at each end A On 9 December 2016 at 15:18, Alan DeKok <aland@deployingradius.com> wrote:
On Dec 9, 2016, at 6:10 AM, Alex Sharaz <alex.sharaz@york.ac.uk> wrote:
o.k back to 3.0\ Fri Dec 9 10:49:55 2016 : Debug: (0) <<< recv TLS 1.2 [length 0002] Fri Dec 9 10:49:55 2016 : ERROR: (0) TLS Alert read:fatal:unknown CA
That seems important.
Fri Dec 9 10:49:55 2016 : Debug: (0) Creating attributes from certificate OIDs Fri Dec 9 10:49:55 2016 : ERROR: (0) SSL says error 19 : self signed certificate in certificate chain Fri Dec 9 10:49:55 2016 : Debug: (0) >>> send TLS 1.2 [length 0002] Fri Dec 9 10:49:55 2016 : ERROR: (0) TLS Alert write:fatal:unknown CA
And that seems important.
Your certificates aren't configured correctly.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/ list/users.html