Server certificate confusion

Alan DeKok aland at
Tue Apr 17 14:55:05 CEST 2018

On Apr 17, 2018, at 5:24 AM, Nick Howitt <nick at> wrote:
> Replying to my own post.
> There was a permission problem which I've now fixed, but I still get failure:
> eapol_test:
>   (6) eap_tls:   ERROR: SSL says error 26 : unsupported certificate
>   purpose

  That means that the certificate hierarchy is wrong.  i.e. cert A has created cert B, but cert A doesn't have OIDs which say it's allowed to create sub-certificates.

  Newer versions of OpenSSL check these settings.  Older versions of OpenSSL didn't do that.

  How did you create the certificates?  The scripts in the raddb/certs directory should work, so using those would probably help.

  Alan DeKok.

More information about the Freeradius-Users mailing list