[SOLVED] 802.1x auth EAP-TLS problem
Alan DeKok
aland at deployingradius.com
Wed Jun 29 15:03:33 CEST 2011
Christ Schlacta wrote:
> I always thought it was odd that the default makefile tried to sign the
> client certificate with the server certificate without the server
> certificate being signed with CA properties of any sort.
Yes, well...
> I thought it
> was some advanced chained root thing, but I never got it to work even
> once, so I wrote my own, but it sucks. I think it may be a bug, and you
> just reminded me of that. someone who knows what they're actually on
> about should investigate that and see if it needs fixin' or filin'.
It's a bug. The simplest thing to do is to make the client cert
signed by the CA cert. This might have been done already, but I don't
recall.
Patches are welcome.
Alan DeKok.
More information about the Freeradius-Users
mailing list