TLS error between JRadius Simulator (1.3.0) and FreeRADIUS (2.16)

William Rettig WRettig at efji.com
Fri May 21 19:51:51 CEST 2010


Hello,

 

I am trying to run JRadius client Simulator against FreeRADIUS using
EAP-TLS authentication.  I was under the impression that these two
offerings worked together right out of the box.  I have tested my certs
against FreeRADIUS using Microsoft supplicant and all is well.  Will
someone tell me what they think might be the problem.  Please see the
FreeRADIUS TLS messages, below.  Your help will be greatly appreciated.

 

Bill

 

--> User-Name = user1

[tls] --> BUF-Name = 3eTI Test Cert (rsa1)

[tls] --> subject = /C=US/ST=Maryland/O=3eTI/OU=Engineering/CN=3eTI Test
Cert (rsa1)/emailAddress=wbickford at efjohnson.com

[tls] --> issuer  = /C=US/ST=Maryland/O=3eTI/OU=Engineering/CN=3eTI RSA
Engineering Test Intermediate CA/emailAddress=wbickford at efjohnson.com

[tls] --> verify return:1

[tls]     TLS_accept: SSLv3 read client certificate A 

[tls] <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange  

[tls]     TLS_accept: SSLv3 read client key exchange A 

[tls] <<< TLS 1.0 ChangeCipherSpec [length 0001]  

[tls] <<< TLS 1.0 Handshake [length 0010], Finished  

[tls] >>> TLS 1.0 Alert [length 0002], fatal unexpected_message  

TLS Alert write:fatal:unexpected_message 

    TLS_accept:failed in SSLv3 read certificate verify B 

rlm_eap: SSL error error:140880AE:SSL
routines:SSL3_GET_CERT_VERIFY:missing verify message

SSL: SSL_read failed inside of TLS (-1), TLS session fails.

TLS receive handshake failed during operation

[tls] eaptls_process returned 4 

[eap] Handler failed in EAP/tls

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100521/9f6e978b/attachment.html>


More information about the Freeradius-Users mailing list