Freeradius with Docker - got Unknown CA error

Jiuyu Sun sunjiuyu at
Fri Aug 9 03:46:05 CEST 2019

Thanks Alan!

I think both the server and client certificate should match the same CA.
Using the same set of certificate, I can run the server directly in Ubuntu.
So I doubt the issue is in my Dockerfile.

In my Dockerfile:

FROM ubuntu:18.04
RUN apt-get update &&\
    apt-get install -y freeradius
RUN adduser radius
WORKDIR /radius
EXPOSE 1812/udp 1813/udp
COPY radiusd.conf /radius/
COPY certs/* /radius/certs/
CMD ["/usr/sbin/freeradius", "-d", ".","-f","-x","-lstdout"]

I copied all the certificates under the current certs/ directory to
/radius/certs/ in the docker environment. In the docker environment, there
are still certificate under /etc/freeradius/3.0/certs, will FreeRadius use
those certificates instead?

Thanks a lot!

On Thu, Aug 8, 2019 at 6:10 PM Alan DeKok <aland at> wrote:

> On Aug 8, 2019, at 8:51 PM, Jiuyu Sun <sunjiuyu at> wrote:
> >
> > Thanks Alan for the quick response!
> >
> > I am using eapol_test to send the request with the ca.pem, but still got
> > the Unknown CA error:
>   Then the client certificate is signed with another CA cert.
>   OR the server certificate is signed with another CA cert.
>   The certificates that come with the server work.  The default
> configuration works.  So... what changed?
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list