Enrique Llanos Vargas wrote:
I've just installed a freeradius+mysql on a debian 6.0.3, first test from localhost with radtest and mysql user auth (radcheck table) worked well, 2nd test with radeaptest with mysql and md5 eap method worked well too, but I don't find a way to make it work with eap+tls:
Follow the EAP-TLS guide on the web site. It *will* work.
Here's my error output:
*[peap] <<< TLS 1.0 Alert [length 0002], fatal unknown_ca TLS Alert read:fatal:unknown CA TLS_accept: failed in SSLv3 read client certificate A
That is relatively clear: the client certificate was signed by an unknown CA.
For what I've read, either I must create my own certs for eap+tls
Uh... that's how TLS works. You sign client certificates.
or I can disable TLS, for the 1st, I've followed 'n' guides on the web but none seems to work for me and for the second, I just dont find where to disable the eap with TLS.
I don't really want to use TLS, so if you help me to disable TLS, it'll be fine for me.
Disabling TLS is simple: delete the "tls {...}" block from eap.conf. Alan DeKok.