My application runs on glassfish server, so I import the cert files to keystore. Also tried to import cert files to cacerts directory(/java/jdk1.6.0_34/jre/lib/security/cacerts) but it did not work. I import the server.crt too, and try to authenticate now, but nothing has changed. I am continuing to debug the logs(server logs, freeradius logs etc). Let me ask a question, I am new at freeradius. Although this error occurs for SSLv3 read client certificate B, there is no error occurance for certificate A like below. [tls] TLS_accept: SSLv3 write certificate request A [tls] TLS_accept: SSLv3 flush data [tls] TLS_accept: Need to read more data: SSLv3 read client certificate A I did not unterstand this log, what does it mean "need to read more data"? Thanks, On Wed, Nov 27, 2013 at 4:24 PM, Alan DeKok <aland@deployingradius.com>wrote:
Esma Yalcinkaya wrote:
Then, created certificates via "bootstap", "make" and "make client" commands. Import them to glassfish with keytool:
Does glassfish do EAP?
However, when I sent an eap-tls authentication request, I took following error: ... TLS_accept: error in SSLv3 read client certificate B rlm_eap: SSL error error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
The end user system isn't sending over a client certificate.
I read a lot about this issue, but I could not figure out what is missing.
You'll have to debug the non-FreeRADIUS portion. It's the one which is causing the authentication to fail. See it's debugging logs for details.
You may need to install the server cert on it, tho that shouldn't be necessary.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html