Unable to setup freeradius server to authenticate from Unix username/passwords
Phil Mayers
p.mayers at imperial.ac.uk
Tue Feb 28 09:16:44 CET 2012
On 02/28/2012 07:54 AM, Mohit Aron wrote:
> TLS_accept: failed in SSLv3 read client certificate A
> rlm_eap: SSL error error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
> SSL: SSL_read failed inside of TLS (-1), TLS session fails.
You have failed to setup the required certs on the client. The client
needs to have a copy of the CA signing your server cert, either the
"real" cert you have, or the "test" cert generated by FreeRADIUS itself
when it first starts.
http://deployingradius.com/documents/configuration/certificates.html
http://deployingradius.com/documents/configuration/ca_import.html
Also: if you are trying to do EAP, you will NOT be able to use Unix
passwords unless you are using EAP-TTLS/PAP or GTC (which are not
supported in Windows), see:
http://deployingradius.com/documents/protocols/compatibility.html
More information about the Freeradius-Users
mailing list