chain certificate problem
Thierry Chich
thierry.chich at ac-clermont.fr
Wed Nov 6 17:57:43 CET 2013
Hello,
I have a problem with the certificate I use for my eap-peap. It seems that the certificate is not recognized.
What I know:
1) the chain is complete :
radius:/etc/freeradius/certs# c_rehash certificatAP/
...
radius:/etc/freeradius/certs# openssl verify -CApath certificatAP/ certificatAP/certificat20sept2014.pem
certificatAP/certificat20sept2014.pem: OK
2) it is a problem of certificate: windows accept to connect if I ask him to not vaidate the certificate server. With other os than windows, I have more details. OSX is claiming that my certificate is not verified. It is not OS related.
3) The root certificate is accepted in both OS.
What the point ? Should I have all the intermediate certificate in the store of my clients ? Is it a way to present the whole chain to the client, the same way it can be done by http servers ?
Regards,
--
Thierry CHICH
More information about the Freeradius-Users
mailing list