Client Certificate!

Kwok Sianbin sianbin_kwok at
Mon May 26 05:15:10 CEST 2008

Hi Alan,
As you previous email mention, I need to run the server script.
Do you mean the script in the README file that come with Freeradius (/raddb/scripts).
# make server.pem
# make server.csr
I just started to use the Linux hence I am not quite familiar with it.

----- Original Message ----
From: Alan DeKok <aland at>
To: FreeRadius users mailing list <freeradius-users at>
Sent: Saturday, May 24, 2008 2:00:22 PM
Subject: Re: Re : EAP-TTLS w/MS-CHAPv2

Kwok Sianbin wrote:
> #radtest MarsNet Mars123 localhost 0 testing123
>  User-Name = "MarsNet"
> if I change the configuration in radiusd.conf to bind to particular IP
> address (eth0) then about radtest failed to Accept.

  Because you're sending packets to localhost?  Do you know what
different network interfaces are?

> ++[eap] returns handled
>        Reply-Message = "Hello, MarsNet"
>        EAP-Message = 0x010200060d20
>        Message-Authenticator = 0x00000000000000000000000000000000
>        State = 0x58961ab6589417883d2fb3d577435665
> Finished request 2.
> Going to the next request
> Waking up in 4.9 seconds.

  This is in the FAQ.  You are using a Microsoft client, and the server
certificate doesn't have the correct OID's.

  Use the certificate generation scripts that come with the server.

  Alan DeKok.
List info/subscribe/unsubscribe? See

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list