More certificate trouble
Morris, Andi
amorris at cardiffmet.ac.uk
Thu Jul 19 12:42:59 CEST 2012
I've been getting trouble using freeradius with certificate validation, and until now have been running without this option selected in a test environment, however even with validation unselected I'm still having trouble connecting clients, with the debug output showing the below warning:
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
WARNING: !! EAP session for state 0xd8b9e275d8bcfbd1 did not finish!
WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
So I decided to blitz the certificates and try and start afresh, following Alan's documentation on the http://deployingradius.com/documents/configuration/certificates.html webpage, and have hit a few issues along the way which I can't explain.
Firstly, even when using the snake oil certificates I cannot get the radius service to start without manually entering the PEM password, why isn't this happening automatically?
Secondly, I've successfully created the certificates after entering the information in server.cnf and ca.cnf, then running the make command, but I'm still seeing the certificate compatibility warning on my Windows client, even with the validate server box unchecked.
debug files attached.
Thanks for any help,
Andi
________________________________
>From 1st November 2011 UWIC changed its title to Cardiff Metropolitan University. From the 6th December 2011, as part of this change, all email addresses which included @uwic.ac.uk have changed to @cardiffmet.ac.uk. All emails sent from Cardiff Metropolitan University will now be sent from the new @cardiffmet.ac.uk address. Please could you ensure that all of your contact records and databases are updated to reflect this change. Further information can be found on the website here.<http://www3.uwic.ac.uk/English/News/Pages/UWIC-Name-Change.aspx>
Ar Dachwedd y 1af 2011 newidiodd UWIC ei henw i Brifysgol Fetropolitan Caerdydd. O Ragfyr 6ed, fel rhan o'r newid yma, bydd pob cyfeiriad e-bost sy'n cynnwys @uwic.ac.uk yn newid i @cardiffmet.ac.uk. Bydd yr holl ebyst a ddanfonir o Brifysgol Fetropolitan Caerdydd yn cael eu danfon o‘r cyfeiriad @cardiffmet.ac.uk newydd. Gwnewch yn siwr eich bod yn diweddaru eich cofnodion cyswllt a'ch cronfeydd data i adlewyrchu hyn. Gellir cael rhagor o wybodaeth ar y wefan yma.<http://www3.uwic.ac.uk/English/News/Pages/UWIC-Name-Change.aspx>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120719/fdf2fd96/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: radiusdebug.log
Type: application/octet-stream
Size: 56476 bytes
Desc: radiusdebug.log
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120719/fdf2fd96/attachment-0001.obj>
More information about the Freeradius-Users
mailing list