unknown CA when trying to authenticate
Carsten Schulze
carsten.schulze at leuphana.de
Wed Feb 24 09:00:06 CET 2021
Hi,
I got the same problem after a Debian upgrade from 9 to 10 and it was
not a client problem!
Our CA: Root-CA - Intermediate CA - CA
The solution for me
//in mods-enabled/eap
#ca_file = ${certdir}/ca-gen2.pem <- Dont use this - put your CAs into
certificate_file!
certificate_file = ${certdir}/radius1w.company.de.pem <-Now:
Certificate - CA - Inter-CA - RootCA
Restart. Works!
Maybe this might help as well:
http://blog.rchapman.org/posts/Troubleshooting_EAP-TLS_with_freeradius/
https://networkradius.com/doc/3.0.10/raddb/tls/tls-config_tls-common.html
Cheers
Carsten
Am 23.02.2021 um 01:01 schrieb Tyler Montney:
> Thank you for your time, I no longer need assistance. Consider this
> resolved.
>
> On Mon, Feb 22, 2021 at 5:55 PM Alan DeKok <aland at deployingradius.com>
> wrote:
>
>>
>>> On Feb 22, 2021, at 6:36 PM, Tyler Montney <montneytyler at gmail.com>
>> wrote:
>>> "Did you give a *full* description of what you wanted to do, as requested
>>> in http://wiki.freeradius.org/list-help"
>>>
>>> Truncated -X output, and no config initially. I got to the mailing list
>> by
>>> landing on https://freeradius.org/support/ from Google, then going to
>>> http://lists.freeradius.org/mailman/listinfo/freeradius-users. I saw no
>>> mention of this page. Someone should include this link to that page
>> there.
>>
>> When you subscribe to the list, you get an email pointing you to that
>> page. It helps to read it.
>>
>> As for the rest of your message... you can give tons of detail to prove
>> you did nothing wrong. But when you want help, you give almost no
>> information. Most people would see the contradiction here.
>>
>>> If someone else here wants to help, I'll take it from them. Perhaps
>> someone
>>> else on here is a "mind reader". You're off the hook.
>> Stop your personal attacks, or you will be unsubscribed from the list,
>> and permanently banned.
>>
>> This is your only warning.
>>
>> Alan DeKok.
>>
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5344 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20210224/3f0040d2/attachment-0001.bin>
More information about the Freeradius-Users
mailing list