Hello, I'm new at the Freeradius and I'm deploying it with EAP-TLS to authenticate my Wireless users which will be authenticated against a OpenLDAP base.
I'm using freeradius2 and when I make a test from other linux machine with command "radtest joao.vero jango123 128.2.100.131 2 meleca" it's working as follow out Sending Access-Request of id 45 to 128.2.100.131 port 1645 User-Name = "joao.vero" User-Password = "jango123" NAS-IP-Address = 255.255.255.255 NAS-Port = 2 rad_recv: Access-Accept packet from host 128.2.100.131:1645, id=45, length=20 But, when I'm going to authenticate wireless users from Win7 ( with EAP-TLS, I'm using the test certificate from /etc/raddb/certs/..) It isn't working. it's appear in log: TLS Alert read:fatal:unknown CA TLS_accept:failed in SSLv3 read client certificate A rlm_eap: SSL error error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca SSL: SSL_read failed inside of TLS (-1), TLS session fails. TLS receive handshake failed during operation What I did until at the moment in ralation EAP-TLS: I've configured the eap.conf file to read the certificates from /etc/raddb/certs/... I've create the user certificate ( as shows README in /etc/raddb/certs ) I've copied and installed two certificates to user machine: cliente.p12 and ca.der. the first as personal and the last as Trusted Root Certification Authorities I wish to use LDAP for authenticate my users but seems that User-Password must be Clear text. there is possible reach EAP-TLS with LDAP?? What I have do ?? any help is welcome Thank!
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html