more EAP/TTLS trouble

Phil Mayers p.mayers at
Wed May 23 18:24:54 CEST 2012

On 23/05/12 16:16, Alan DeKok wrote:

>> rlm_eap: SSL error error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1
>> alert unknown ca
>> SSL: SSL_read failed inside of TLS (-1), TLS session fails.
>    IIRC, it means that the client doesn't have the same CA as the server.
>   So it gets the server's certificate, and goes "huh?".  It then sends an
> "unknown CA" back to the server.
>    The solution is to add the CA to the client PC.

For what it's worth, it would be *really* handle to be able to trigger a 
log message (with controllable format) when this happened; possibly a 

More information about the Freeradius-Users mailing list