> I'm trying to perform a EAP-TTLS Radius Authentication by using the > server certificates. > So, from my windows laptop I have selected at the "Step 2: TTLS Server" > --> "Validate Server Certificate" > I have follow the steps at > http://wiki.freeradius.org/WPA_HOWTO#HOWTO_Do_It:_An_Outline > > But the server response is.... > > ..... > rlm_eap_tls: <<< TLS 1.0 Alert [length 0002], fatal unknown_ca > TLS Alert read:fatal:unknown CA > TLS_accept:failed in SSLv3 read client certificate A > rlm_eap: SSL error error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 > alert unknown ca > ..... > > Any idea of where is the mistake?
Since your ca certificate is self-signed you need to import it onto the client machine as well. Client only "knows" a list of commercial root certificates. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
