> Sending Access-Challenge of id 26 to 192.168.0.3:1812 ..... > TLS_accept:error in SSLv3 read client certificate A
Windows XP, SP1 with Patch or SP2 ? Matthias Rumitz TC Unix / Netzwerke ADIVA Computertechnologie GmbH Norsk-Data-Str. 1 D-61352 Bad Homburg v.d.H. Fon: +49(0) 61 72 / 48 61 - 0 Fax: +49(0) 61 72 / 48 61 - 700 Web: http://www.adiva.de eMail: [EMAIL PROTECTED] Diese E-Mail Nachricht enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. This e-mail message may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. ----- Originalnachricht ----- Von: BonzaiBoy <[EMAIL PROTECTED]> Datum: Freitag, Februar 11, 2005 1:36 am Betreff: Looping authentication for EAP-TLS on Windows XP > Hi, > > I'm trying to authenticate (802.1x) through EAP-TLS on Windows XP. > My > freeradius-debug keeps looping without reject or accept. > > Some significant phrases from the log: > > eaptls_verify returned 11 > TLS_accept:error in SSLv3 read client certificate A > eaptls_process returned 13 > modcall[authenticate]: module "eap" returns handled for request 25 > > Any ideas ? > > Kind regards, > > Gorik > > *** > > Versions/info: > openssl: Debian-testing 0.9.7e-2 > freeradius: 1.0.1 > EAP/TLS-authentication for 802.1x > AP = USR8054 > Client = Windows XP SP2 > Installed root.der and cert-clt.p12 on Windows XP > > *** > > Small part of my radius-debug (but I think relevant): > > auth: type "EAP" > Processing the authenticate section of radiusd.conf > modcall: entering group authenticate for request 25 > rlm_eap: Request found, released from the list > rlm_eap: EAP/tls > rlm_eap: processing type tls > rlm_eap_tls: Authenticate > rlm_eap_tls: processing TLS > rlm_eap_tls: Length Included > eaptls_verify returned 11 > (other): before/accept initialization > TLS_accept: before/accept initialization > rlm_eap_tls: <<< TLS 1.0 Handshake [length 0055], ClientHello > TLS_accept: SSLv3 read client hello A > rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello > TLS_accept: SSLv3 write server hello A > rlm_eap_tls: >>> TLS 1.0 Handshake [length 0668], Certificate > TLS_accept: SSLv3 write certificate A > rlm_eap_tls: >>> TLS 1.0 Handshake [length 00a7], CertificateRequest > TLS_accept: SSLv3 write certificate request A > TLS_accept: SSLv3 flush data > TLS_accept:error in SSLv3 read client certificate A > In SSL Handshake Phase > In SSL Accept mode > eaptls_process returned 13 > modcall[authenticate]: module "eap" returns handled for request 25 > modcall: group authenticate returns handled for request 25 > Sending Access-Challenge of id 26 to 192.168.0.3:1812 > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html