freeradius with wpa-supplicant eap-tls mode configuration

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Mon Mar 7 14:03:33 CET 2016


Hi,

> I am trying to setup freeraadius in eap-tls mode. I am using freeradius as
> a server and wpa-supplicant as a client. I have installed both packages in
> Ubuntu-14.04.3. I am using the sample certificates provided along with
> freeradius package. I use the script bootstrap provided in
> */freerad/raddb/cert* . I donot know if this script properly signs the
> certificate or not as i am not an expert in this area. I simply provide the
> paths to these certificates in client.conf to freeradius and configuration
> file in wpa-supplicant. Following is the wpa-supplicant configuration i am
> using

okay

> network={
> 
>   ssid="YOUR-SSID"
>   scan_ssid=1
>   key_mgmt=WPA-EAP
>   eap=TLS
>   identity="alice"
>   ca_cert="/home/areh/freeradius-server-3.0.11/raddb/certs/ca.pem"
>   client_cert="/home/areh/freeradius-server-3.0.11/raddb/certs/client.pem"
>   private_key="/home/areh/freeradius-server-3.0.11/raddb/certs/client.key"
> }

okay

the private key should also be in the pem file as well - but these are protected
by password and you dont have a password option in the config - so you'll need to
convert the file to not be password protected (the output clearly shows password
problem )

also.....at this point you need to show us the debug output of freeradius, not the
wpa_supplicant output - we need to see the problem at the server end.

many thanks

alan


More information about the Freeradius-Users mailing list