Problem with handshake

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Tue Dec 22 17:23:57 CET 2015


Hi,

> I did what you told me to do, I passed cacert.pem, radius.key and
> radius.seciu.edu.uy.crt to the client. But I got the same error
> message.

you gave the clien the radius server cert AND key??  :(

time to make some new certs for the server


all you need to provide the clients with is the CA - that can be done via them installing
it (and if you have done background reading you'll know what certificate store the CA
needs to be put into).

the current release of FreeRADIUS has all the correct certificate attributes you need for
all modern clients to be happy.

client config - ensure CA installed and choose from the CA list, ensure that check CN is enabled
and the CommonName (from the certificate of the RADIUS server) is put in  (this MAY be its DNS name
too but so long as it matches the CN of the server cert you are okay).

now just correct username/password.

done


alan


More information about the Freeradius-Users mailing list