unknown CA when trying to authenticate

Carsten Schulze carsten.schulze at leuphana.de
Wed Feb 24 09:00:06 CET 2021


I got the same problem after a Debian upgrade from 9 to 10 and it was 
not a client problem!

Our CA: Root-CA - Intermediate CA - CA

The solution for me

//in mods-enabled/eap
#ca_file = ${certdir}/ca-gen2.pem <- Dont use this - put your CAs into 
   certificate_file = ${certdir}/radius1w.company.de.pem <-Now: 
Certificate - CA - Inter-CA - RootCA

Restart. Works!

Maybe this might help as well:


Am 23.02.2021 um 01:01 schrieb Tyler Montney:
> Thank you for your time, I no longer need assistance. Consider this
> resolved.
> On Mon, Feb 22, 2021 at 5:55 PM Alan DeKok <aland at deployingradius.com>
> wrote:
>>> On Feb 22, 2021, at 6:36 PM, Tyler Montney <montneytyler at gmail.com>
>> wrote:
>>> "Did you give a *full* description of what you wanted to do, as requested
>>> in http://wiki.freeradius.org/list-help"
>>> Truncated -X output, and no config initially. I got to the mailing list
>> by
>>> landing on https://freeradius.org/support/ from Google, then going to
>>> http://lists.freeradius.org/mailman/listinfo/freeradius-users. I saw no
>>> mention of this page. Someone should include this link to that page
>> there.
>>    When you subscribe to the list, you get an email pointing you to that
>> page.  It helps to read it.
>>    As for the rest of your message... you can give tons of detail to prove
>> you did nothing wrong.  But when you want help, you give almost no
>> information.  Most people would see the contradiction here.
>>> If someone else here wants to help, I'll take it from them. Perhaps
>> someone
>>> else on here is a "mind reader". You're off the hook.
>>    Stop your personal attacks, or you will be unsubscribed from the list,
>> and permanently banned.
>>    This is your only warning.
>>    Alan DeKok.
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5344 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20210224/3f0040d2/attachment-0001.bin>

More information about the Freeradius-Users mailing list