Problems with CA using PEAP/TTLS

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Tue Oct 11 23:54:09 CEST 2016


Hi,

> I'm using freeradius 2.2.5 on debian for authentication of wireless

with that old version you will start to get more problems.


what is the CA - selfsigned? it may be that the server cert or the CA does not meet
client requirements (eg not SHA-2 but MD5, doesnt have required extensions or CA
assertions etc.

you can grab a copy of whats being thrown your way from the RADIUS server by using eg eapol_test
(part of wpa supplicant package - comes with wpa_supplicant package in decent distros....build
it yourself from source on lesser distros)



alan


More information about the Freeradius-Users mailing list