Problems with CA using PEAP/TTLS

A.L.M.Buxey at A.L.M.Buxey at
Tue Oct 11 23:54:09 CEST 2016


> I'm using freeradius 2.2.5 on debian for authentication of wireless

with that old version you will start to get more problems.

what is the CA - selfsigned? it may be that the server cert or the CA does not meet
client requirements (eg not SHA-2 but MD5, doesnt have required extensions or CA
assertions etc.

you can grab a copy of whats being thrown your way from the RADIUS server by using eg eapol_test
(part of wpa supplicant package - comes with wpa_supplicant package in decent
it yourself from source on lesser distros)


More information about the Freeradius-Users mailing list