thanx for you reply, but as i said certificates are ok. Please see this log [tls] --> User-Name = 0026826172C4@test_cpe.com [tls] --> BUF-Name = wi-tribe Pakistan Certification Authority [tls] --> subject = /C=PK/ST=Fedral Capital/L=Islamabad/O=wi-tribe Pakistan limited/OU=Network Operations/CN=wi-tribe Pakistan Certification Authority/emailAddress=pkwinoc@pk.wi-tribe.com [tls] --> issuer = /C=PK/ST=Fedral Capital/L=Islamabad/O=wi-tribe Pakistan limited/OU=Network Operations/CN=wi-tribe Pakistan Certification Authority/emailAddress=pkwinoc@pk.wi-tribe.com *[tls] --> verify return:1* *--> verify error:num=10:certificate has expired * *[tls] >>> TLS 1.0 Alert [length 0002], fatal certificate_expired * *TLS Alert write:fatal:certificate expired* * TLS_accept: error in SSLv3 read client certificate B* *rlm_eap: SSL error error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned* * * *thanks* On Fri, Jul 19, 2013 at 2:58 PM, <A.L.M.Buxey@lboro.ac.uk> wrote:
Hi,
I am trying to configure eap with some customized certificates, I have configured eap.config correctly. But I am getting the error of "certificate expired". Although i have the latest certificates.
certificate has expired. FreeRADIUS has no reason to lie.
check the startup output of 'radiusd -X' - look for when it loads the certs. then use openssl to read those certs to see what the values are - server cert, CA cert....or client cert. whatever you're using eg
openssl x509 -in server.pem -noout -text
alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Best Regards Muhammad Nadeem Muhammad Ali Jinnah University