Johan Arens wrote:
Well thanks for the answers.
What is puzzled me, is the error message error reading client
certificate, it's like freeradius is waiting the client send it's
certificate.
Yes, it's a misleading error message, but trust me it's meaningless.
Lots of people get it. My working PEAP server gets it.
However with TTLS, the client doen't have a client certificate. It only
Indeed. However you can still ask the TLS connection for it, you just
don't get it AND it's not a problem. You're seeing the error because the
code is generalised between the TLS and TTLS paths (I think - or maybe
it was copy'n'pasted)
has a copy of the root certificate. I'm going to setup a wpa_supplicant
with a linux client to try to make it work.
FWIW the "eapol_test" program that comes with wpa_supplicant is also
very useful for verifying you've got the radius bit working without
having to fiddle with APs.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html