Client Certificate!
Kwok Sianbin
sianbin_kwok at yahoo.com
Mon May 26 05:15:10 CEST 2008
Hi Alan,
As you previous email mention, I need to run the server script.
Do you mean the script in the README file that come with Freeradius (/raddb/scripts).
# make server.pem
# make server.csr
I just started to use the Linux hence I am not quite familiar with it.
----- Original Message ----
From: Alan DeKok <aland at deployingradius.com>
To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Sent: Saturday, May 24, 2008 2:00:22 PM
Subject: Re: Re : EAP-TTLS w/MS-CHAPv2
Kwok Sianbin wrote:
...
> #radtest MarsNet Mars123 localhost 0 testing123
> User-Name = "MarsNet"
...
> if I change the configuration in radiusd.conf to bind to particular IP
> address (eth0) then about radtest failed to Accept.
Because you're sending packets to localhost? Do you know what
different network interfaces are?
...
> ++[eap] returns handled
> Reply-Message = "Hello, MarsNet"
> EAP-Message = 0x010200060d20
> Message-Authenticator = 0x00000000000000000000000000000000
> State = 0x58961ab6589417883d2fb3d577435665
> Finished request 2.
> Going to the next request
> Waking up in 4.9 seconds.
This is in the FAQ. You are using a Microsoft client, and the server
certificate doesn't have the correct OID's.
Use the certificate generation scripts that come with the server.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080525/c81c5ccd/attachment.html>
More information about the Freeradius-Users
mailing list