Re: free radius 1.1.6 -eap-tls authentication
Dear all Thanks for the information.I am not able to do successful authentication still. These are my configurations I have copied my root.pem and server.pem to /etc/raddb/certs directory 1.My eap.conf file is like this eap { default_eap_type = tls timer_expire = 60 ignore_unknown_eap_types = no cisco_accounting_username_bug = no ## EAP-TLS tls { private_key_password = password private_key_file = /etc/raddb/certs/07xwifi.pem certificate_file = /etc/raddb/certs/07xwifi.pem CA_file = /etc/raddb/certs/root.pem dh_file = /etc/raddb/certs/dh random_file = /etc/raddb/certs/random fragment_size = 1024 include_length = yes } peap { default_eap_type = tls } } 2 radiusd.conf (only authorize and authentication section) nstantiate { } authorize { preprocess mschap eap files } # Authentication. authenticate { Auth-Type MS-CHAP { mschap } eap } 3 I havn;t modified users file since its eap-tls authentication Giude me any modification required further for eap-tls certificate based authentication. Regards Anoop
That the server is working as expected.
Alan DeKok.
TLS_accept: Need to read more data: SSLv3 read client certificate A In SSL Handshake Phase In SSL Accept mode eaptls_process returned 13
eaptls_verify returned 1 eaptls_process returned 13
What is these debug messages indicate...
Anoop
anoop_c@sifycorp.com wrote:
Dear all Thanks for the information.I am not able to do successful authentication still. These are my configurations
I have copied my root.pem and server.pem to /etc/raddb/certs directory 1.My eap.conf file is like this
The FAQ, README, INSTALL, etc. all say to run the server in debugging mode to see what's going on. If there are problems with EAP authentication, read the FAQ. There *is* documentation. It can help you solve these issues. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog
participants (2)
-
Alan DeKok -
anoop_c@sifycorp.com