Problems with CA using PEAP/TTLS
dump at gmx.info
dump at gmx.info
Tue Oct 11 22:28:11 CEST 2016
Dear list.
I'm using freeradius 2.2.5 on debian for authentication of wireless
access. The problem is that authenticating clients (I'm using PEAP/TTLS)
works only if the CA-certificate is ignored by the client side. When
trying to authenticate the clients using the CA in Network-Manager the
authentication fails. The server certificate of freeradius is correctly
signed and the public CA is selected at the clients (linux using
Network-Manager).
Is there a possibility to catch the server certificate on the client
side after the transfer to the client. And then checking this server
certificate signature against the locally installed CA-certificate by
hand? For example using tcpdump?
Many thanks in advance
Jens
More information about the Freeradius-Users
mailing list