SSL error

Ivan Kalik tnt at kalik.net
Tue Feb 19 20:47:19 CET 2008 

No. You have no client cerftificate so there is nothing to be read.
That's normal. But PEAP conversation stopping in the middle with an
Access-Challenge is another matter - described in FAQ, eap.conf, ...

Ivan Kalik
Kalik Informatika ISP


Dana 19/2/2008, "Eduardo Lima" <duwise2003 at yahoo.com.br> piše:

>I'm trying to build a radius server with PEAP-mschap but it's not working because an ssl error:
>
>short Log below:
>
>    modcall[authorize]: module "eap" returns updated for request 1
>      users: Matched entry teste at line 59
>    modcall[authorize]: module "files" returns ok for request 1
>  modcall: leaving group authorize (returns updated) for request 1
>    rad_check_password:  Found Auth-Type EAP
>  auth: type "EAP"
>    Processing the authenticate section of radiusd.conf
>  modcall: entering group authenticate for request 1
>    rlm_eap: Request found, released from the list
>    rlm_eap: EAP/peap
>    rlm_eap: processing type peap
>    rlm_eap_peap: Authenticate
>    rlm_eap_tls: processing TLS
>  rlm_eap_tls:  Length Included
>    eaptls_verify returned 11
>      (other): before/accept initialization
>      TLS_accept: before/accept initialization
>    rlm_eap_tls: <<< TLS 1.0 Handshake [length 0041], ClientHello
>      TLS_accept: SSLv3 read client hello A
>    rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
>      TLS_accept: SSLv3 write server hello A
>    rlm_eap_tls: >>> TLS 1.0 Handshake [length 0613], Certificate
>      TLS_accept: SSLv3 write certificate A
>    rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
>      TLS_accept: SSLv3 write server done A
>      TLS_accept: SSLv3 flush data
>      TLS_accept:error in SSLv3 read client certificate A
>  rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
>  In SSL Handshake Phase
>  In SSL Accept mode
>    eaptls_process returned 13
>    rlm_eap_peap: EAPTLS_HANDLED
>    modcall[authenticate]: module "eap" returns handled for request 1
>  modcall: leaving group authenticate (returns handled) for request 1
>  Sending Access-Challenge of id 1 to 10.0.0.245 port 1056
>          Idle-Timeout = 10
>
>
>
>Any ideas????
>
>
>
>
>---------------------------------
>Abra sua conta no Yahoo! Mail, o único sem limite de espaço para armazenamento!
>

More information about the Freeradius-Users mailing list