free radius 1.1.6 -eap-tls authentication
anoop_c at sifycorp.com
anoop_c at sifycorp.com
Fri May 11 09:08:47 CEST 2007
Dear all
Thanks for the information.I am not able to do successful authentication still.
These are my configurations
I have copied my root.pem and server.pem to /etc/raddb/certs directory
1.My eap.conf file is like this
eap {
default_eap_type = tls
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
## EAP-TLS
tls {
private_key_password = password
private_key_file = /etc/raddb/certs/07xwifi.pem
certificate_file = /etc/raddb/certs/07xwifi.pem
CA_file = /etc/raddb/certs/root.pem
dh_file = /etc/raddb/certs/dh
random_file = /etc/raddb/certs/random
fragment_size = 1024
include_length = yes
}
peap {
default_eap_type = tls
}
}
2 radiusd.conf (only authorize and authentication section)
nstantiate {
}
authorize {
preprocess
mschap
eap
files
}
# Authentication.
authenticate {
Auth-Type MS-CHAP {
mschap
}
eap
}
3 I havn;t modified users file since its eap-tls authentication
Giude me any modification required further for eap-tls certificate based authentication.
Regards
Anoop
> That the server is working as expected.
>
> Alan DeKok.
> TLS_accept: Need to read more data: SSLv3 read client certificate A
> In SSL Handshake Phase
> In SSL Accept mode
> eaptls_process returned 13
>
>
> eaptls_verify returned 1
> eaptls_process returned 13
>
> What is these debug messages indicate...
>
> Anoop
More information about the Freeradius-Users
mailing list