You (or whoever makes these certificates) have set up certificate creation that way. Change it so that CN is equal to User-Name.
Ivan Kalik Kalik Informatika ISP Dana 9/10/2008, "Guk Victor" <[EMAIL PROTECTED]> piše: > > > > > > > > > I use eap-tsl for the registration record of computer. It is necessary >>to open access to the network to pressure of Ctrl+Alt+Del. >>I will not understand what is the matter: >> > > .. > > > >radius_xlat: 'host/cit44' >> rlm_eap_tls: checking certificate CN (cit44) with xlat'ed value >>(host/cit44) >>rlm_eap_tls: Certificate CN (cit44) does not match specified value >>(host/cit44)! >>chain-depth=0, >>error=0 >>--> User-Name = host/cit44 >>--> BUF-Name = cit44 >>--> subject = /C=UA/ST=Berkshire/L=Newbury/O=zaz/OU=mis/CN=cit44 >>--> issuer = /C=UA/ST=ZaporozshE/L=ZP/O=ZAZ/OU=MIS/CN=Administrator >>--> verify return:0 > > > .. > >User-Name and CN are not the same. Create a proper certificate. > >I created new certificate from CN=host/cit44. This is what it is >obtained: > >radius_xlat: 'host/host/cit44' >rlm_eap_tls: checking certificate CN (host/cit44) with xlat'ed value >(host/host/cit44) >rlm_eap_tls: Certificate CN (host/cit44) does not match specified value >(host/host/cit44)! >chain-depth=0, >error=0 >User-Name = host/host/cit44 >BUF-Name = host/cit44 >subject = /C=UA/ST=Berkshire/L=Newbury/O=zaz/OU=mis/CN=host/cit44 >issuer = /C=UA/ST=ZaporozshE/L=ZP/O=ZAZ/OU=MIS/CN=Administrator >verify return:0 >Why to User-Name is added "/host"? > > > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
