Failed in SSLv3 read client certificate A

Michael Martinez mwtzzz at
Thu Jun 2 16:45:45 CEST 2016

Trying to use EAP-TLS to authenticate an iPad on radius going through
a wireless access point that is controlled by a Lan controller Cisco
Seeing the following in the radius logs:

(48) eap_tls: ERROR: TLS_accept: Failed in SSLv3 read client certificate A
(48) eap_tls: ERROR: SSL says: error:140940E5:SSL
routines:ssl3_read_bytes:ssl handshake failure
(48) eap_tls: ERROR: SSL_read failed in a system call (-1), TLS session failed
(48) eap_tls: ERROR: TLS receive handshake failed during operation

My questions:

#1) I'm hoping someone may have experienced this before and knows
exactly how to fix it. "Oh yeah, you need to do blah on the iPad" or
"Oh you need to trust the CA on the lan controller" or whatever

#2) Is there a way to get more information from radius? It's unclear
whether Radius (a) received the client certificate but does not
understand it, or (b) did not receive the client certificate at all

Michael Martinez

More information about the Freeradius-Users mailing list