thanx for you reply, but as i said certificates are ok. Please see this log 

[tls] --> User-Name = 0026826172C4@test_cpe.com
[tls] --> BUF-Name = wi-tribe Pakistan Certification Authority
[tls] --> subject = /C=PK/ST=Fedral Capital/L=Islamabad/O=wi-tribe Pakistan limited/OU=Network Operations/CN=wi-tribe Pakistan Certification Authority/emailAddress=pkwinoc@pk.wi-tribe.com
[tls] --> issuer  = /C=PK/ST=Fedral Capital/L=Islamabad/O=wi-tribe Pakistan limited/OU=Network Operations/CN=wi-tribe Pakistan Certification Authority/emailAddress=pkwinoc@pk.wi-tribe.com
[tls] --> verify return:1
--> verify error:num=10:certificate has expired 
[tls] >>> TLS 1.0 Alert [length 0002], fatal certificate_expired  
TLS Alert write:fatal:certificate expired
    TLS_accept: error in SSLv3 read client certificate B
rlm_eap: SSL error error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned

thanks


On Fri, Jul 19, 2013 at 2:58 PM, <A.L.M.Buxey@lboro.ac.uk> wrote:
Hi,

>    I am trying to configure eap with some customized certificates, I have
>    configured eap.config correctly.
>    But I am getting the error of "certificate expired". Although i have the
>    latest certificates.

certificate has expired. FreeRADIUS has no reason to lie.

check the startup output of 'radiusd -X' - look for when it loads the certs.
then use openssl to read those certs to see what the values are - server cert,
CA cert....or client cert. whatever you're using eg

openssl x509 -in server.pem -noout -text

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



--
Best Regards
Muhammad Nadeem
Muhammad Ali Jinnah University