Multiple EAP-TLS modules with different certificates

Thibault Le Meur Thibault.LeMeur at
Fri Apr 2 11:09:08 CEST 2010

Hi Alan,
Thank you for your prompt answer.

Alan DeKok a écrit :
>   Yes.  Others use multiple certs && multiple EAP modules.

Thanks for this answer, this confirms that I'm on the right way.

>> A quick look at FR debug logs confirms, as far as I can read them, that
>> the client is refusing the radius server certificate.
>   I don't think that's in the debug log.

You're right it's not clearly writtent in the FR logs, but the fact the 
TLS exchanges just stop at a given time help me suppose the origin of 
the problem (which is confirmed bu reconfiguring the supplicant).

>> Is there a client tool to check which certificate is used by FR ?
>   wireshark might do it.
You're right, I'll do this.

>> Have I missed something in the setup ?
>   Did you test each piece in isolation before putting it all together?
No because I'm working on my production radius server and I didn't want 
to break my old SSID (which I unintentionally did anyway for 5 minutes).

I'll make more tests and will triple check my setup now I know that it's 

Many thanks again for your answer.


More information about the Freeradius-Users mailing list