tls { private_key_file = /etc/freeradius/eap/newkey.pem certificate_file = /etc/freeradius/eap/newcert.pem CA_file = /etc/freeradius/eap/eapCA/cacert.pem dh_file = /etc/freeradius/eap/dh random_file = /etc/freeradius/eap/random fragment_size = 1024 include_length = yes check_crl = no } I tryied both: newcert.pem and/or cacert.pem but still no communicate on debug screen: (....) Module: Instantiated detail (detail) Module: Loaded radutmp radutmp: filename = "/var/log/freeradius/radutmp" radutmp: username = "%{User-Name}" radutmp: case_sensitive = yes radutmp: check_with_nas = yes radutmp: perm = 384 radutmp: callerid = yes Module: Instantiated radutmp (radutmp) Listening on authentication *:1812 Listening on accounting *:1813 Ready to process requests. windows client show: verification failed. I have to do sth wrong, but I dont have any idea what. On Fri, May 15, 2009 at 2:14 PM, Ivan Kalik <tnt@kalik.net> wrote:
Thank you for answer. I put this to personal store, I think it is a client certificate, I gave a commonName ca_auth
..
Issuer: C=PL, ST=dolnoslaskie, O=firma, OU=firma, CN=ca_auth/emailAddress=Email@Address.pl
...
Subject: C=PL, ST=dolnoslaskie, O=firma, OU=firma, CN=ca_auth/emailAddress=Email@Address.pl
...
X509v3 Basic Constraints: CA:TRUE
No, that looks like a self signed root certificate to me.
Ivan Kalik Kalik Informatika ISP
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html