eap_peap: ERROR: (TLS) Alert read:fatal:unknown CA

Kamil Jońca kjonca at op.pl
Mon Jan 8 18:18:27 UTC 2024

Dario Barbon <dbarbon at olicom.eu> writes:

> Hi Kamil, I generated the certificates by following this tutorial
> ("configure EAP-TLS" section):
> https://techtalkblog.ch/ubuntu-18-04-freeradius-v3-wifi-authentication/

I did not ask you for link but for steps you did.

Moreover this howto might be obsolete because

"openssl pkcs12" with openssl3.0 sometimes needs "-legacy" option i.e.

openssl pkcs12 -legacy -export -in ... -certfile  ...-inkey ... -out ...

> I'm not thinking that certificates are deleted ... I saw this happens
> many times! And it happens (in my limited experience) always with
> Android 11 devices.
> Sometimes users deleted the WiFi connection: that action deletes also
> WiFi user installed certificates. Sometimes, after a bunch of
> unsuccessful connection tries, Android 11 devices deletes
> certificates.

Tested now: TCL NXT paper - (Android 11)  - no such thing happened,
after "forgetting" connection certificates remains, and can be used to
redefine connection.

As Alan said: either you do something wrong (this is my susppect) or you
found SERIOUS bug in android supplicant (I doubt)


More information about the Freeradius-Users mailing list