DER format in TLS certificates
Iñigo Vicente
ivicente at bexencardio.com
Mon Mar 7 14:03:59 UTC 2022
>
> What end user system are you using?
I am using WGM110 Wizard Gecko Wi-Fi bgtool
El lun, 7 mar 2022 a las 14:39, Alan DeKok (<aland at deployingradius.com>)
escribió:
> On Mar 7, 2022, at 8:35 AM, Iñigo Vicente <ivicente at bexencardio.com>
> wrote:
> >
> > I have configured etc/raddb/mods-available/eap eap {
> > default_eap_type = tls
> > }
> > peap {
> > default_eap_type = tls
> > }
>
> There's rather a lot more than that, but whatever. And no, we don't
> need to see the configuration files. All of the documentation makes this
> VERY clear.
>
> > I have this warning:
> > 6) eap_tls: WARNING: (TLS) EAP Total received record fragments (91
> > bytes), does not equal expected expected data length (0 bytes)
>
> If that's the message you get, then you should post that message. Don't
> post a vague question asking about TLS.
>
> > (12) eap_tls: ERROR: (TLS) Failed reading from OpenSSL:
> > error:1417C087:SSL routines:tls_process_client_certificate:cert length
> > mismatch
>
> The end user system (EAP supplicant) is broken. It's not doing EAP-TLS
> properly.
>
> What end user system are you using?
>
> Perhaps also try disabling TLS 1.3 on the server side. See the tls
> {...} configuration for details.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list