Eap-Tls Problem

Matteo Lazzarini mlazzarini at crema.unimi.it
Thu Aug 24 00:25:50 CEST 2006

K. Hoercher wrote:

> Hi,
> so Matteo is trying to setup wireless 8021x auth with freeradius.
> Eventually most of the information happened to end in -devel, where I
> asked him to stop mailing to, because I'm quite convinced that his
> problems don't belong there.
> That said, "dpkg -s freeradius openssl" should give you the
> information you are seeking, which looks quite irrelevant to the
> problem at hand.
> In short, after the information you gave, I strongly suspect the XP
> supplicant not responding to Challenges due to still improper OID's in
> your certs. Please make double sure your windows cert store or however
> it is called contains the rootCA and your certificate properly, and
> those get into consideration when you test your wireless setup.
> Exporting them from cert store and attaching them (provided they are
> for test purposes and don't contain real crypto secrets) would be my
> suggestion.
> Something along this line should apply to your /etc/X1/jagger.pem.
> ah and yes, just the default users file would suffice.
> regards
> K. Hoercher
> - List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html

I have not understood yours suggestion. But as I can be sure that the 
certs they are corrected for TLS?
Excuse me but it is from little that use freeradius.
If I use the CA.all script that I find in the scripts directory I obtain 
the same type of certs that use now!
Which thing is the cause of this problem?
I do not want to leave to lose!
Tomorrow I make the tests also with Peap and see with sniffer that what 
out from the client when I'm asking my access-request...

More information about the Freeradius-Users mailing list