new error message spotted in FR logs

Alex Sharaz alex.sharaz at
Fri Apr 17 12:28:48 CEST 2020

Upon closer examination it appears to have been a server specific thing.
Our systems department were upgrading server from Ubuntuy 16.04 -> 18.04
and rebuilding FR at the same time. Unfortunately they "upgraded" from
running 3.0.22 ->0  and were changing puppet based configs at the same

Lots of. moving windows I'm afraid.

Everything sorted now and back to normal


On Fri, 17 Apr 2020 at 11:04, Alan Buxey <alan.buxey at> wrote:

> hi,
> IIRC that message only comes from the OCSP part of FreeRADIUS EAP-TLS
> - and it whilst it suggests that the issuer of the EAP-TLS cert that
> the
> client is using could not be found in your chain it might really be
> some Ubuntu/Debian OpenSSL thing - changes to acceptable crypto etc.
> might be
> that which is causing the upset.  I guess this error is only seen when
> you are firing off tests from that one client and you havent got an
> other/older copy been
> fired off from some monitor platform? (a platform which might have
> TLS1.1 or higher issues) ?
> alan
> -
> List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list