Beginner help

KAVYA PRABHAKAR kavyamelinmaneprabhakar at gmail.com
Thu Oct 16 04:56:50 CEST 2014


Hi,

Thanks for the help.
I am able to open 2083 tcp port.
I have a RADIUS client which sends request to freeradius server. Before
sending request to server, it creates a TCP\TLS connection with it.
TCP connection is getting established and during TLS handshake, server
throws the following error:

(0) <<< TLS 1.0 Handshake [length 025c], Certificate
--> verify error:num=18:self signed certificate
(0) ERROR: SSL says error 18 : self signed certificate
(0) >>> TLS 1.0 Alert [length 0002], fatal unknown_ca
(0) ERROR: SSL says: TLS Alert write:fatal:unknown CA
(0) ERROR: SSL says:     TLS_accept: error in SSLv3 read client certificate B
(0) ERROR: SSL says: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
SSL: SSL_read failed in a system call (-1), TLS session fails.
(0) FAILED in TLS handshake receive
Closing TLS socket from client port 1645
Client has closed connection
 ... shutting down socket auth from client (10.253.6.11, 1645) -> (*, 2083, virtual-server=default)
Waking up in 2.9 seconds.
... cleaning up socket auth from client (10.253.6.11, 1645) -> (*, 2083, virtual-server=default)

Looking at the debugs I think server expects client certificate information
as well. Does it work on MTLS? (mutual TLS).
I am using a self-signed certificate generated by Ubuntu (where the server is
installed) and using the same in the tls file.
The same certificate is put under trusted root in client as well.


Thanks,
Kavya
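
A triage sketch for the debug output quoted in the message above, added here as an example and not part of the original post or of FreeRADIUS. It reads the handshake records to report which side's certificate failed verification and which side aborted; the function name `triage` and the reading of `<<<` as "received by the server" and `>>>` as "sent by the server" are assumptions of this example.

```python
import re

# Constructed sample: debug lines copied from the post above, wrapped lines rejoined.
SAMPLE_LOG = """\
(0) <<< TLS 1.0 Handshake [length 025c], Certificate
--> verify error:num=18:self signed certificate
(0) ERROR: SSL says error 18 : self signed certificate
(0) >>> TLS 1.0 Alert [length 0002], fatal unknown_ca
(0) ERROR: SSL says: TLS Alert write:fatal:unknown CA
(0) FAILED in TLS handshake receive
"""

# Assumption: "<<<" marks a record the server received, ">>>" one it sent.
RECORD = re.compile(r"^\(\d+\) (<<<|>>>) TLS [\d.]+ (\w+) \[length [0-9a-f]+\], (.+)$")
VERIFY = re.compile(r"^--> verify error:num=(\d+):(.+)$")

def triage(log):
    """Summarise a failed TLS handshake from server debug lines."""
    result = {"records": [], "verify_error": None, "alert": None,
              "rejected_by": None, "failed_cert": None}
    for line in log.splitlines():
        line = line.strip()
        m = RECORD.match(line)
        if m:
            arrow, ctype, detail = m.groups()
            direction = "received" if arrow == "<<<" else "sent"
            result["records"].append((direction, ctype, detail))
            if ctype == "Alert":
                # An alert the server sent means the server refused its peer.
                result["alert"] = detail
                result["rejected_by"] = "server" if direction == "sent" else "client"
            continue
        m = VERIFY.match(line)
        if m and result["records"]:
            # OpenSSL verify error 18: the leaf certificate is self-signed
            # and is not in the verifier's trusted store.
            result["verify_error"] = (int(m.group(1)), m.group(2))
            if result["records"][-1] == ("received", "Handshake", "Certificate"):
                result["failed_cert"] = "client"
    return result

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

On the sample, the verify error directly follows a Certificate record that the server received, and the `unknown_ca` alert is one the server sent, so the certificate being rejected is the one the client presented.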