Proxy to realm after eap-ttls authantication

Mesut Ozturk mesut at
Tue Nov 24 08:36:24 CET 2020

Hi Alan,

Thanks for reply.

>The Android device wasn't configured with the CA used by FreeRADIUS.  So... add the CA to the android system, and configure it to use that CA when authenticating to FreeRADIUS.

I created freeradius CA certificate according to link. Then eap config for using new created ca.pem
Also i downloaded ca.pem file to my Android device but still getting same error.

eap_ttls: ERROR: TLS Alert read:fatal:unknown CA

I dont understand what you mean with "use that CA when authenticating to FreeRADIUS". What i read in EAP-TTLS, auth server sends the certificate and client validates for open a secure tunnel. Why client have to sent the certificate ?

[]   Mesut Ozturk
R&D Senior Developer
P: +902122867576        E:  mesut at
F: +902122867476        W:
[] Santa Clara-CA, USA<,+Santa+Clara,+CA+95054,+USA/@37.4063062,-121.978682,923m/data=!3m2!1e3!4b1!4m5!3m4!1s0x808fc9cc6fc08be1:0xa189e7ab47ebcdc!8m2!3d37.4063062!4d-121.9764933?hl=en>   []  Istanbul, TURKEY<,+Istanbul,+Turkey/@41.106333,29.015257,876m/data=!3m1!1e3?hl=en>   []  Dubai, UAE<,+Building+%2314+-+Dubai+-+United+Arab+Emirates/@25.0984488,55.1609574,1052m/data=!3m2!1e3!4b1!4m13!1m7!3m6!1s0x3e5f6b696d88a9ab:0x6d495147845cd0f1!2sInternet+City,+Building+%2314+-+Dubai+-+United+Arab+Emirates!3b1!8m2!3d25.0983618!4d55.1631953!3m4!1s0x3e5f6b696d88a9ab:0x6d495147845cd0f1!8m2!3d25.0983618!4d55.1631953?hl=en>


More information about the Freeradius-Users mailing list