Trusted CA, Signed Certs and Verification
Alan DeKok
aland at deployingradius.com
Fri Apr 4 21:09:54 CEST 2014
Sam Fakhreddine wrote:
> When I run radius -X everything works normally and the config file loads those files, and yet I still get "server identity cannot be verified" even though the entire chain is available there.
>
> I can verify with openssl verify that my certificate and my chain are OK
Then the device is broken. See if there's any debugging *it* has
which can help.
Also, try using eapol_test, as suggested on my web site:
http://deployingradius.com
If eapol_test works, then you KNOW the device is broken. The
eapol_test program is just about perfect. It will either work, or will
give useful error messages.
Alan DeKok.
More information about the Freeradius-Users
mailing list