I use eap-tsl for the registration record of computer. It is necessary
>to open access to the network to pressure of Ctrl+Alt+Del.
>I will not understand what is the matter:
>
..
>radius_xlat: 'host/cit44'
> rlm_eap_tls: checking certificate CN (cit44) with xlat'ed value
>(host/cit44)
>rlm_eap_tls: Certificate CN (cit44) does not match specified value
>(host/cit44)!
>chain-depth=0,
>error=0
>--> User-Name = host/cit44
>--> BUF-Name = cit44
>--> subject = /C=UA/ST=Berkshire/L=Newbury/O=zaz/OU=mis/CN=cit44
>--> issuer = /C=UA/ST=ZaporozshE/L=ZP/O=ZAZ/OU=MIS/CN=Administrator
>--> verify return:0
..
User-Name and CN are not the same. Create a proper certificate.
I created new certificate from CN=host/cit44. This is what it is
obtained:
radius_xlat: 'host/host/cit44'
rlm_eap_tls: checking certificate CN (host/cit44) with xlat'ed value
(host/host/cit44)
rlm_eap_tls: Certificate CN (host/cit44) does not match specified value
(host/host/cit44)!
chain-depth=0,
error=0
User-Name = host/host/cit44
BUF-Name = host/cit44
subject = /C=UA/ST=Berkshire/L=Newbury/O=zaz/OU=mis/CN=host/cit44
issuer = /C=UA/ST=ZaporozshE/L=ZP/O=ZAZ/OU=MIS/CN=Administrator
verify return:0
Why to User-Name is added "/host"?
|
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
