XP won't authenticate with EAP TLS - log shows unknown_ca fatal error

Kris Benson kbenson at sd57.bc.ca
Mon Aug 8 17:18:04 CEST 2005

>I think the problem was that the certs I generated for CA and server  
>weren't in the ssl/certs directory though they were in the raddb/ 
>certs directory.  Other than that, I don't think I did anything  
>different between attempts at CA and cert creation when I finally got  
>it working.  Definitely didn't change my radiusd.conf, clients.conf  
>or eap.conf files between attempts, so it was definitely cert related.
>I need to experiment a little more to see where I went wrong the  
>first couple attempts, but all the conf files were correct as I  
>didn't change them between attempts.

Did you do anything differently with your 'random' file and your 'dh' file?

Creating those properly (as opposed to the idiotic directions of "date >
dh; date > random") seemed to solve my dilemma when I was getting a
similar issue to what you were getting.

Kris Benson, CCP, I.S.P.
Technical Analyst, District Projects
School District #57 (Prince George)

More information about the Freeradius-Users mailing list