tls {
      private_key_file = /etc/freeradius/eap/newkey.pem 
      certificate_file = /etc/freeradius/eap/newcert.pem
      CA_file = /etc/freeradius/eap/eapCA/cacert.pem
      dh_file = /etc/freeradius/eap/dh
      random_file = /etc/freeradius/eap/random
      fragment_size = 1024
      include_length = yes
      check_crl = no
   }

I tryied both:
newcert.pem and/or cacert.pem
but still no communicate on debug screen:

(....)
Module: Instantiated detail (detail)
Module: Loaded radutmp
 radutmp: filename = "/var/log/freeradius/radutmp"
 radutmp: username = "%{User-Name}"
 radutmp: case_sensitive = yes
 radutmp: check_with_nas = yes
 radutmp: perm = 384
 radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.

windows client show: verification failed.

I have to do sth wrong, but I dont have any idea what.


On Fri, May 15, 2009 at 2:14 PM, Ivan Kalik <tnt@kalik.net> wrote:
> Thank you for answer.
> I put this to personal store, I think it is a client certificate, I gave a
> commonName ca_auth
>
>
..
>         Issuer: C=PL, ST=dolnoslaskie, O=firma, OU=firma,
> CN=ca_auth/emailAddress=Email@Address.pl
...
>         Subject: C=PL, ST=dolnoslaskie, O=firma, OU=firma,
> CN=ca_auth/emailAddress=Email@Address.pl
...
>             X509v3 Basic Constraints:
>                 CA:TRUE

No, that looks like a self signed root certificate to me.

Ivan Kalik
Kalik Informatika ISP

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html