SSL V3 client certificate error

Danny Kurniawan danny.kurniawan at fairchildsemi.com
Thu Feb 28 06:12:56 CET 2013


Hi All,

I have some intermittent issue with our Radius auth.
OS : SLES 11
Radius 2.1.1

We get the cert from GlobalSign and use it at the 2 Radius server. So
Server A and Server B use the same cert.
in Server B, ometimes it works fine to authenticate and sometimes its
failed but everything fine in Server A.

Fri Feb 22 18:31:39 2013 : Auth: Login OK: [sdholakia2] (from client
AllWirelessAP port 0 via TLS tunnel)
Fri Feb 22 18:31:39 2013 : Auth: Login OK: [sdholakia2] (from client
AllWirelessAP port 0 cli A0-88-B4-0F-C3-D8)
*Fri Feb 22 18:36:30 2013 : Error: TLS Alert read:fatal:unknown CA
Fri Feb 22 18:36:30 2013 : Error:     TLS_accept:failed in SSLv3 read
client certificate A
Fri Feb 22 18:36:30 2013 : Error: rlm_eap: SSL error error:14094418:SSL
routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
Fri Feb 22 18:36:30 2013 : Error: SSL: SSL_read failed inside of TLS (-1),
TLS session fails.*
Fri Feb 22 18:36:30 2013 : Auth: Login incorrect: [800200sq] (from client
AllWirelessAP port 0 cli A0-88-B4-58-BA-8C)
Fri Feb 22 18:37:34 2013 : Auth: Login OK: [800200sq] (from client
AllWirelessAP port 0 via TLS tunnel)
Fri Feb 22 18:37:34 2013 : Auth: Login OK: [800200sq] (from client
AllWirelessAP port 0 cli A0-88-B4-0F-C3-D8)

Any idea what should i check for that error?

Thanks

-- 
Best Regards,
Danny
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130228/d88ece28/attachment.html>


More information about the Freeradius-Users mailing list