-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I'm setting up Freeradius2 (FreeRADIUS Version 2.1.7) for WPA Enterprise 2, and 
I have it basically working.  My iPhone/iPad are able to authenticate and 
connect via the base station.  However, my Mac (OSX 10.6 Snow Leopard) laptops 
are having issues.

I do not want to push out Client certificates to the laptops. I also do not 
want people to have to perform any customisations on the clients.

When the laptop attempts to join the network I get a nice login window, with 
username/password. This is fine.  However, without playing with the network 
settings (802.1x settings), I'm not able to join the network because I do not 
have a client cert:

Sat Mar  5 16:21:28 2011 : Error: --> verify error:num=19:self signed certificate in certificate chain
Sat Mar  5 16:21:28 2011 : Error: TLS Alert write:fatal:unknown CA
Sat Mar  5 16:21:28 2011 : Error:     TLS_accept:error in SSLv3 read client certificate B
Sat Mar  5 16:21:28 2011 : Error: rlm_eap: SSL error error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
Sat Mar  5 16:21:28 2011 : Error: SSL: SSL_read failed in a system call (-1), TLS session fails.
Sat Mar  5 16:21:28 2011 : Auth: Login incorrect: [guy/<via Auth-Type = EAP>] (from client extreme port 0 cli 00-19-E3-E1-BA-C5)


However, if I do change the 802.1x settings on the Mac to not try to do TLS, 
then I'm able to connect just fine, either by PEAP or TTLS.

So finally my question... How can I reconfigure Radius to not try and offer TLS, 
or if it does offer TLS, to not die if a cert is not presented?

I have tried some suggestions such as commenting out the CA in the eap.conf 
file, but still I fail to pass the TLS.

Thanks

- ---Guy
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)

iEYEARECAAYFAk1yaQcACgkQDc8ue1+sfKEcAQCfYRVtzNb1UcRa9hf+PM3ipToT
zCgAn2TGSTOAjigyWLYwTm4HDcy12l9L
=JyX7
-----END PGP SIGNATURE-----

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
