windows users having trouble authenticating
Alan DeKok
aland at deployingradius.com
Mon Aug 2 22:05:22 CEST 2010
Sallee, Stephen (Jake) wrote:
> I have a working FreeRADIUS server that will authenticate linux clients
> happily, however my windows clients are unable to authenticate. Here is
..
> [peap] <<< TLS 1.0 Alert [length 0002], fatal unknown_ca
> TLS Alert read:fatal:unknown CA
> TLS_accept:failed in SSLv3 read client certificate A
The supplicant is sending a certificate that the server doesn't recognize.
> As you can see the problem seems to lie in the TLS section, but I have
> followed all the HOWTOs I can find on installing and configuring the
> server cert. but to no avail. How do I tell the FreeRADIUS box to
> trust its own certificate? The cert was generated and signed on the
> FreeRADIUS box.
It's not a problem with FreeRADIUS. It's a problem with the
supplicant. (i.e. Windows box)
> Also as a side note, the linux users are able to authenticate by typing
> in domain\username, but doing this on a windows box shows very strange
> things in the radius log, and fails to authenticate. Is there a way to
> make both operating systems behave the same? Otherwise my windows
> clients must use the username at domain convention, once I get that working
What "strange things" show up in the log? Is it a secret?
Alan DeKok.
More information about the Freeradius-Users
mailing list