Failed in SSLv3 read client certificate A
Michael Martinez
mwtzzz at gmail.com
Wed Jun 22 19:12:28 CEST 2016
On Sat, Jun 18, 2016 at 4:50 PM, Arran Cudbard-Bell
<a.cudbardb at freeradius.org> wrote:
> /usr/local/freeradius/sbin/radiusd -v
>
> Is more accurate than using ldd. It calls a version function in OpenSSL
> to get the version, it doesn't use compile time macros.
Awesome, thanks.
FYI, we were able to crack open the iPad logs, and found the following
interesting entries:
Jun 21 14:15:03 iPad eapolclient[178] <Error>: SecTrustEvaluate [leaf
AnchorTrusted]
Jun 21 14:15:03 iPad eapolclient[178] <Notice>: [eaptls_plugin.c:291]
eaptls_verify_server(): server certificate not trusted status 1001 9807
Jun 21 14:15:03 iPad kernel[0] <Notice>: 000220.437816 wlan0.N[82]
AppleBCMWLANCore::setCIPHER_KEY(): [eapolclient]: type = CIPHER_MSK, index =
0, flags = 0x0, key length = 0, key rsc length = 0
Jun 21 14:15:03 iPad eapolclient[178] <Notice>: en0 EAPTLS:
authentication failed with
status 1001
So, it appears we need to set the iPad to trust my self-signed server
certificate, and then it should work.
More information about the Freeradius-Users
mailing list