problems with EAP-TTLS with Intermec GUN 2415
Phil Mayers
p.mayers at imperial.ac.uk
Fri Feb 17 21:41:04 CET 2006
Johan Arens wrote:
> Well thanks for the answers.
>
> What is puzzled me, is the error message error reading client
> certificate, it's like freeradius is waiting the client send it's
> certificate.
Yes, it's a misleading error message, but trust me it's meaningless.
Lots of people get it. My working PEAP server gets it.
> However with TTLS, the client doen't have a client certificate. It only
Indeed. However you can still ask the TLS connection for it, you just
don't get it AND it's not a problem. You're seeing the error because the
code is generalised between the TLS and TTLS paths (I think - or maybe
it was copy'n'pasted)
> has a copy of the root certificate. I'm going to setup a wpa_supplicant
> with a linux client to try to make it work.
FWIW the "eapol_test" program that comes with wpa_supplicant is also
very useful for verifying you've got the radius bit working without
having to fiddle with APs.
More information about the Freeradius-Users
mailing list