"Pierluigi Frullani" <[EMAIL PROTECTED]> wrote: > I think this is probably a bug.
Maybe. > I decided then to give a more high level of security, double-checking the > certificate against the root certificate, on client-side. > I've then imported the root certificate ( the same I've installed on > radius ) but as soon I activate the "validate server certificate" and > restart the authentication, on the radius log I get the error : > rlm_eap_tls: Received unexpected tunneled data after successful handshake Ok. That's what the debugging messages are for... > Debug: rlm_eap_tls: Received unexpected tunneled data after successful > handshake. > Debug: Tunneled data (23 bytes) > 0: 15 03 01 00 12 72 ee 05 fb 3c 18 fc 4c fd 0d b2 > 16: b2 07 f2 6e d8 7f 7c I have no clue what that data is, or what it's supposed to be. You can edit src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c to NOT fail when it prints that message out, which should be a start. But the real issue is that the EAP-TLS documents don't say what that data is, or what to do with it. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html