Authentication fails every once and awhile and CRL question
Jason Carr
jcarr at andrew.cmu.edu
Fri Sep 30 21:10:51 CEST 2005
This only happens every once and awhile, not sure why. Here's a log
file of the authentication. Not one specific supplicant fails, but this
one happens to be OS X 10.3. Others include SP2.
Any reason or should I blame this on the client?
Also I'm reloading radiusd with kill -HUP pid every 15 minutes to load a
CRL, is that really required or can I get away with not reloading it?
Here's an auth fail.
Fri Sep 30 11:57:04 2005 : Info: rlm_eap_tls: Length Included
Fri Sep 30 11:57:04 2005 : Error: TLS_accept:error in SSLv3 read
client certificate A
Fri Sep 30 11:57:04 2005 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Fri Sep 30 11:57:04 2005 : Info: rlm_eap_tls: Received EAP-TLS First
Fragment of the message
Fri Sep 30 11:57:04 2005 : Info: rlm_eap_tls: More fragments to follow
Fri Sep 30 11:57:04 2005 : Info: (other): SSL negotiation finished
successfully
Fri Sep 30 11:57:35 2005 : Info: rlm_eap_tls: Length Included Fri Sep
30 11:57:35 2005 : Error: TLS_accept:error in SSLv3 read client hello C
Fri Sep 30 11:57:35 2005 : Error: rlm_eap_tls: SSL_read failed in a
system call (-1), TLS session fails.
Fri Sep 30 11:57:35 2005 : Error: rlm_eap_tls: BIO_read failed in a
system call (-1), TLS session fails.
Fri Sep 30 11:57:35 2005 : Auth: Login incorrect:
[wpa-tester.wv.cc.cmu.edu/<no User-Password attribute>] (from client
access-points port 360 cli xxxx.xxxx.xxxx
More information about the Freeradius-Users
mailing list