Unknown CA error in FR Debug

Alan DeKok aland at deployingradius.com
Mon Jan 24 15:42:59 CET 2011

Sallee, Stephen (Jake) wrote:
> Firstly thank all of you who assisted me in trying to get a public cert
> working, regrettably since Microsoft apparently lost all intelligence in
> dealing with 802.1x wireless authentication it looks as though I will be
> using a private cert.

  That's easiest.

> That being said, I have generated the new private cert using the
> bootstrap script (I did, of course, change the parameters to suit my
> needs) and I now have my shiny new private cert…however, after I import
> the new cert into my clients I am still getting the unknown CA error in
> my FR debug.  The client is obstinently silent, which makes me want to
> smash it with a hammer, but that is beside the point.

  The message is likely from the client, saying "I don't know the CA cert".

> What cert should I import into the client and in what cert store
> location should I put in?  The clients are windows based BTW (usually
> Win 7)  THANKS for all your help.


  See the EAP howto for *complete* instructions on getting this to work.
 It has step-by-step instructions, including which cert goes where.

  Alan DeKok.

More information about the Freeradius-Users mailing list