TLS Error with Freeradius 2: unkown_ca
Alan DeKok
aland at deployingradius.com
Mon Jun 16 21:49:11 CEST 2008
Julian Stöver wrote:
> I'm running Freeradius2 with EAP-TLS. I've created new certificates and
> putted them into my certs-dir. Radius starts with no errors. But if I
> try to login, I get this TLS Error:
...
>> rlm_eap_tls: <<< TLS 1.0 Handshake [length 0467], Certificate
>> --> verify error:num=18:self signed certificate
>> rlm_eap_tls: >>> TLS 1.0 Alert [length 0002], fatal unknown_ca
You have given the client a self-signed certificate. You have given
the server a completely *different* set of certificates. Since there is
no common point of reference, the user cannot authenticate.
You need to give the client a certificate that is signed by the server
certificate.
Alan DeKok.
More information about the Freeradius-Users
mailing list