Certificate chain - 1 intermediate CA cert(s) untrusted
Rodrigo Prieto
rodrigoprieto2019 at gmail.com
Fri Nov 8 21:08:22 UTC 2024
Hello, I have the following problem. I configured freeradius to use EAP-TLS
and it works. Create the certificates with the script inside the
certificates folder.
The problem is that when a client connects the following error appears:
Certificate chain - 1 intermediate CA cert(s) untrusted
To forbid these certificates see 'reject_unknown_intermediate_ca'
(TLS) untrusted certificate with depth [1] subject name /C=AR/ST=Buenos
Aires/L=Virreyes/O=Lotech/emailAddress=22 at gmail.com/CN=CA-FREERADIUS
(TLS) untrusted certificate with depth [0] subject name /C=AR/ST=Buenos
Aires/O=Lotech/CN=11 at gmail.com/emailAddress=11 at gmail.com
I don't use intermediate AC. I ran c_rehash inside the certs folder.
The certificates correctly point to the CA file.
rivate_key_password = loli
private_key_file = ${certdir}/server.key
certificate_file = ${certdir}/server.pem
ca_file = /etc/freeradius/certs/ca.pem
ca_path = ${cadir}
I run openssl verify with the client and server certificates and it says OK.
Freeradius is installed on Ununtu 24.04. The version of openssl is:
OpenSSL 3.0.13 Jan 30, 2024 (Library: OpenSSL 3.0.13 Jan 30, 2024)
If anyone can help me, I appreciate it.
Greetings and thanks.
More information about the Freeradius-Users
mailing list