SSL certificate problems
aland at deployingradius.com
Tue Oct 30 07:40:24 CET 2007
Walter Gould wrote:
> Sorry to bother you guys again - I created new SSL certificates per
> your above instructions... After the certs were created, I then:
> 1. copied them to the /etc/raddb/certs directory
> 2. updated /etc/raddb/eap.conf with the certificate names & private key
> 3. copied and installed the new certificate (server.pem) onto my XP
> laptop and
> 4. started radiusd in debug mode, below is the output
> It is acting as you describe in the FAQ -
You didn't add the root certificate to the XP machine. See the
EAP-TLS "howto's" on the web site.
> So, I am wondering will I need to install the hotfix as listed in the
> FAQ - and, will this have to be done on ALL Windows machines? I am
> thinking that I still do not have something configured right on my
> side. If I uncheck the "validate server certs" box on the XP client, I
> can connect and authenticate successfully.
Yup. "Ignore that we have no idea where this certificate came from,
and do PEAP anyways".
More information about the Freeradius-Users