(4) eap_tls: ERROR: TLS Alert write:fatal:unexpected_message
aland at deployingradius.com
Fri Jun 18 23:54:21 CEST 2021
On Jun 17, 2021, at 10:07 PM, Michel Verhagen <mike at guruce.com> wrote:
> I am using the test certs as generated by ./bootstrap. I am having trouble finding the right instructions for setting up Wireshark to decode EAPOL-TLS (over LAN, not WIFI). If you could provide some guidance, that would be much appreciated.
It's been a while since I did it. But I don't recall it being complex.
> With whatever I have tried, wireshark always complains about the .pem files, passwords, etc. I have tried this:
> Wireshark -> Edit -> Preferences -> Protocols -> TLS -> RSA keys list [Edit...] -> ip any, port 0, protocol data, key file ca.pem, password <nothing>,
No, you want to load the server cert, and the servers private key. The CA cert isn't helpful here.
> but wireshark pops up an error dialog stating "Can't load private key from ca.pem: can't import pem data: The requested data were not available". I don't think I can use the (Pre)-Master-Secret log filename (setting the "SSLKEYLOGFILE" environment variable) because that requires a webbrowser like Chrome. Anyway, any pointers on how to capture the right stuff and decode using the certs from Freeradius would be appreciated.
I'll take a look. But you should be able to just put the server cert && private key into a file, load that, and enter the password. It should then decrypt everything fine.
More information about the Freeradius-Devel