eap_peap: ERROR: (TLS) Alert read:fatal:unknown CA

Dario Barbon dbarbon at olicom.eu
Mon Jan 8 07:14:22 UTC 2024


Hi Kamil, thanks for sharing your experience.

The phones aren't MDM managed; I experienced the certificate removal 
issue on Motorola Defy and CAT S62PRO (both Android 11). Maybe that's 
something wrong with my self signed CA and client certificates... May I 
ask you how did you generate your certificates?

Dario Barbon


Il 06/01/2024 09:05, Kamil Jońca ha scritto:
> Dario Barbon <dbarbon at olicom.eu> writes:
>
>> Hi all, I'm trying to configure Freeradius (version 3.2.3 on Ubuntu
>> 22.04) to perform either EAP-TLS and EAP-PEAP MSCHAPv2. I need
>> MSCHAPv2 as alternative configuration for Android 11 devices because
>> we are experiencing the deletion of client certificates and I'm not
>> understand why this issue happens.
> I have configured eap-tls on several android devices (including 2 with
> android 11) and did not experienced certificate removal.
>
> BUT I have experience profile (=package with credentials) removal on
> corporate iphones managed by some kind of MDM.
>
> Are these phones corporate managed?
> KJ
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list