EAP-TLS unable to get local issuer certificate
MH
h33927318 at gmail.com
Wed Jun 7 07:28:29 UTC 2023
But there's already ca_cert in wpa_supplicant configuration.
st 7. 6. 2023 o 9:10 Alan DeKok <aland at deployingradius.com> napísal(a):
> On Jun 6, 2023, at 1:54 PM, MH <h33927318 at gmail.com> wrote:
> > I am trying to setup EAP-TLS and I am getting radius server error
> "eap_tls:
> > (TLS) OpenSSL says error 20 : unable to get local issuer certificate",
> > "send TLS 1.2 Alert, fatal unknown_ca"
>
> You haven't configured the supplicant properly. It doesn't know
> anything about the CA which signed the server cert.
>
> Add the CA to the client, and the message will go away.
>
> i.e. You cannot read just *part* of the error message and think that is
> the *whole* problem. The rest of the error message say "fatal unknown
> CA". That is the root cause of the problem.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list