SV: SV: Any Trusted CA problem

Torkel Mathisen torkel.mathisen at bbs.no
Thu Feb 23 09:29:35 CET 2006


Alan DeKok wrote:
> "Torkel Mathisen" <torkel.mathisen at bbs.no> wrote:
> > I don't use client certificates I think. Atleast I haven't installed
any
> > certificates on my clients.
> 
>   It looks like the client is sending one.
> 
> > So how can I fix that?  Just delete the client certificate from the
> > radius server ?
> 
>   No, delete it from the client.

I'm sorry, but I don't understand why this is the client certificate.
The problem is that on my clients I have to uncheck the "Validate server
certificate" option.

Only when i uncheck that, the authentication with radius works. And the
problem is that some drivers don't let you do that. Even if its set to
"Any trusted CA" it doesn't work. 

There is a picture of that option here: (even though this is for
EAP-TLS, which I'm not using):

http://www.alphacore.net/contrib/nantes-wireless/eap-tls-HOWTO.html
(search for "Validate server certificate")

Regards,
Torkel




More information about the Freeradius-Users mailing list