[ttls] <<< TLS 1.0 Alert [length 0002], fatal bad_certificate
Ben
ben+freeradius at list-subs.com
Sat Mar 1 12:41:09 CET 2014
> The CA root, if it isn't already present.
Have already tried that, as mentioned. Hence my approaching the list
for further advice.
>
> You also need to ensure that the "certificate_file" option under the
> eap{} module contains the server and all intermediate certs (you don't
> need to put the root on there).
Will go double check....
>
> If you've done that, then either there's something wrong with the
> certs, or something wrong with the client. Since it's the client
> complaining, you'll need to debug the client.
There's nothing wrong with the certs, they work perfectly well with
EAP-TLS.
If you've got ideas for debugging an Amazon Paperwhite, I'd love to hear
them !
>
> What is the client?
Amazon Paperwhite. I'm broadly trying to follow the hints here
(https://tribut.de/blog/amazon-kindle-and-eduroam/) although this isn't
being connected to Eduroam.
More information about the Freeradius-Users
mailing list