EAP-TLS Signature Check Failure
Peter Bance
peter at peterbance.co.uk
Wed Jun 10 20:24:05 CEST 2020
Hi there,
Newbie here, so please be gentle :)
I've been setting up a FreeRADIUS server for a client, so they can
(finally!) break away from AD/NPS-based RADIUS (ugh) for company WiFi. I
have SCEP certificates pushed out to all machines, and I have iPhones
connecting perfectly (transparent connection to test SSID with
successful RADIUS validation). But I am banging my head against the wall
with Windows 10 devices...
Certificates valid (from the same source, same profile), CA configured
correctly, it _should_ be working (as iOS can connect), but freeradius
-X gives me this:
...
(42) eap_tls: ocsp: Cert status: good
(42) eap_tls: ocsp: Certificate is valid
(42) eap_tls: TLS_accept: SSLv3/TLS read client certificate
(42) eap_tls: <<< recv TLS 1.2 [length 0066]
(42) eap_tls: TLS_accept: SSLv3/TLS read client key exchange
(42) eap_tls: <<< recv TLS 1.2 [length 0108]
(42) eap_tls: >>> send TLS 1.2 [length 0002]
(42) eap_tls: ERROR: TLS Alert write:fatal:decrypt error
(42) eap_tls: ERROR: Failed in __FUNCTION__ (SSL_read)
(42) eap_tls: ERROR: error:0407E086:rsa routines:RSA_verify_PKCS1_PSS_mgf1:last octet invalid
(42) eap_tls: ERROR: error:1417B07B:SSL routines:tls_process_cert_verify:bad signature
(42) eap_tls: ERROR: System call (I/O) error (-1)
(42) eap_tls: ERROR: TLS receive handshake failed during operation
(42) eap_tls: ERROR: [eaptls process] = fail
(42) eap: ERROR: Failed continuing EAP TLS (13) session. EAP sub-module failed
(42) eap: Sending EAP Failure (code 4) ID 187 length 4
...
Sadly I can't work out _which_ signature it's having a problem with -
openssl verify is fine with the certificate and CA. The correct
certificate is being sent (I can see that elsewhere in the output), EKU
is all good.
Any pointers would be really appreciated - I'm not sure at the moment
whether to continue squinting at FreeRADIUS config, Windows config, SCEP
certificate properties, or what!
FreeRADIUS 3.0.21
OpenSSL 1.1.1
Windows fully updated
I have different CAs for FreeRADIUS (Let's Encrypt) and SCEP
(self-signed), but I understand this is fine, and as I mentioned it
works for iOS.
Has anyone seen this before? I've hunted all over the Internet, but
nothing quite matches :(
Thanks in advance.
--
Peter Bance
Information Security Adviser
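The two OpenSSL errors in the log above are reported while checking the RSA-PSS signature in the client's TLS 1.2 CertificateVerify message: RSA_verify_PKCS1_PSS_mgf1 is OpenSSL's EMSA-PSS-VERIFY (RFC 8017 section 9.1.2), and "last octet invalid" is its step 4, the check that the encoded message EM recovered by the RSA public operation ends in the trailer byte 0xBC. That check runs before the handshake hash is compared at all, which is the useful diagnostic point: an EM that fails at the trailer is not a PSS encoding at all, whereas a correctly encoded signature over the wrong transcript decodes cleanly and fails only at the final hash comparison. The following added example (not part of the post above, and not FreeRADIUS or OpenSSL code) implements EMSA-PSS encode and verify with SHA-256 and MGF1 for a 2048-bit modulus and reports which check fails first. The RSA modular operation is deliberately left out; EM here stands for whatever the public-key operation on the signature produced. The transcript bytes and the fixed salt are constructed for the demo.

```python
"""EMSA-PSS encode/verify (RFC 8017 section 9.1) with SHA-256 and MGF1.

Added example: shows the order of checks that OpenSSL's
RSA_verify_PKCS1_PSS_mgf1 performs on EM, so that "last octet invalid"
can be placed relative to the other failure modes. The RSA public
operation itself is not modelled; EM is its (assumed) output.
"""
import hashlib

HASH = hashlib.sha256
H_LEN = HASH().digest_size                  # 32 bytes
EM_BITS = 2047                              # modBits - 1 for a 2048-bit RSA key
EM_LEN = (EM_BITS + 7) // 8                 # 256 bytes
TOP_MASK = 0xFF >> (8 * EM_LEN - EM_BITS)   # keeps emBits bits: 0x7F here


def mgf1(seed: bytes, mask_len: int) -> bytes:
    """MGF1 mask generation function (RFC 8017 appendix B.2.1)."""
    out = b""
    counter = 0
    while len(out) < mask_len:
        out += HASH(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:mask_len]


def emsa_pss_encode(message: bytes, salt: bytes) -> bytes:
    """EMSA-PSS-ENCODE: the signer side, producing EM before RSA signing."""
    s_len = len(salt)
    if EM_LEN < H_LEN + s_len + 2:
        raise ValueError("encoding error")
    m_hash = HASH(message).digest()
    h = HASH(b"\x00" * 8 + m_hash + salt).digest()       # H = Hash(M')
    ps = b"\x00" * (EM_LEN - s_len - H_LEN - 2)
    db = ps + b"\x01" + salt
    db_mask = mgf1(h, EM_LEN - H_LEN - 1)
    masked_db = bytearray(a ^ b for a, b in zip(db, db_mask))
    masked_db[0] &= TOP_MASK                             # clear leading bits
    return bytes(masked_db) + h + b"\xbc"                # trailer field 0xBC


def emsa_pss_verify(message: bytes, em: bytes, s_len: int) -> str:
    """EMSA-PSS-VERIFY, returning 'ok' or the name of the first failing check."""
    if len(em) != EM_LEN:
        return "inconsistent length"
    if EM_LEN < H_LEN + s_len + 2:
        return "inconsistent: emLen too small"
    if em[-1] != 0xBC:                                   # step 4: trailer
        return "last octet invalid"
    masked_db = em[: EM_LEN - H_LEN - 1]
    h = em[EM_LEN - H_LEN - 1 : EM_LEN - 1]
    if masked_db[0] & (0xFF ^ TOP_MASK):                 # step 6: leading bits
        return "first octet invalid"
    db_mask = mgf1(h, EM_LEN - H_LEN - 1)
    db = bytearray(a ^ b for a, b in zip(masked_db, db_mask))
    db[0] &= TOP_MASK
    ps_len = EM_LEN - H_LEN - s_len - 2
    if any(db[:ps_len]) or db[ps_len] != 0x01:           # step 10: PS || 0x01
        return "salt length recovery failed"
    salt = bytes(db[EM_LEN - H_LEN - 1 - s_len:]) if s_len else b""
    h_prime = HASH(b"\x00" * 8 + HASH(message).digest() + salt).digest()
    return "ok" if h_prime == h else "bad signature"     # step 14: H' == H


def demo() -> dict:
    """Constructed inputs: a stand-in for the handshake transcript and a fixed salt."""
    transcript = b"constructed TLS 1.2 handshake transcript"   # constructed
    salt = bytes(range(32))                                    # constructed, fixed
    em = emsa_pss_encode(transcript, salt)
    return {
        "valid": emsa_pss_verify(transcript, em, 32),
        # EM whose trailer is wrong: what a mismatched key or corrupted
        # signature looks like after the public operation; fails at step 4.
        "trailer_damaged": emsa_pss_verify(transcript, em[:-1] + b"\x00", 32),
        # Correct key, wrong transcript: decodes fully, fails only at step 14.
        "wrong_transcript": emsa_pss_verify(b"different transcript", em, 32),
        # Correct key, verifier expects a different salt length: fails at step 10.
        "wrong_salt_len": emsa_pss_verify(transcript, em, 20),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:16s} -> {result}")
```

Run as a script it prints one line per case. The point to take from it is the ordering: a trailer failure is decided on the raw output of the RSA public operation, before the salt or the transcript hash is looked at, so it says something about the bytes the client signed with rather than about what was hashed.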