I'm happy to be wrong about this, but in my experience, this parameter:
-CApath ca.pem
Needs to be an actual path, not a PEM CA file, where you have performed these steps:
download certificate authority cert in PEM format
run c_rehash . (openssl script)
Hi All,I am trying to use authenticate one embedded WLAN device with using freeRadius server 2.0.4I have radiusd.conf,client.conf files as per my configuration.I have created certificates using bootstrap script.Values in ca.cnf,client.cnf and server.cnf have been modified accordingly.I have copied ca.pem, client.pem to device filesystem.Private key has been extracted from client.pem.Since last week I am trying to authenticate freeradius server but I am getting error like "Unknown CA".Please see attached radius logs.When I verify client certificate using "openssl verify -CApath ca.pem client.pem"I see following error:Error 20 at depth 0 lookup : unable to get local issuer certificate.Device is already tested with Windows 2003 server's TLS(of course with different set of certificates :<) ) and it is working fine.What will be possible reason behind this and where am I going wrong?Appreciate your help.Thanks and Regards,Avinash.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html