RADSEC testing with FR 3.1
Alex Sharaz
alex.sharaz at york.ac.uk
Fri Dec 9 16:46:07 CET 2016
That's what I thought as well. Configured 1 file with cert + intermediate
CA + root ca in that order, using it at each end
A
On 9 December 2016 at 15:18, Alan DeKok <aland at deployingradius.com> wrote:
> On Dec 9, 2016, at 6:10 AM, Alex Sharaz <alex.sharaz at york.ac.uk> wrote:
> >
> > o.k back to 3.0\
> > Fri Dec 9 10:49:55 2016 : Debug: (0) <<< recv TLS 1.2 [length 0002]
> > Fri Dec 9 10:49:55 2016 : ERROR: (0) TLS Alert read:fatal:unknown CA
>
> That seems important.
> >
>
> > Fri Dec 9 10:49:55 2016 : Debug: (0) Creating attributes from
> certificate
> > OIDs
> > Fri Dec 9 10:49:55 2016 : ERROR: (0) SSL says error 19 : self signed
> > certificate in certificate chain
> > Fri Dec 9 10:49:55 2016 : Debug: (0) >>> send TLS 1.2 [length 0002]
> > Fri Dec 9 10:49:55 2016 : ERROR: (0) TLS Alert write:fatal:unknown CA
>
> And that seems important.
>
> Your certificates aren't configured correctly.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
> list/users.html
>
More information about the Freeradius-Users
mailing list