On 12/05/2011 08:25 AM, Victor Guk wrote:
[tls] <<< TLS 1.0 Handshake [length 0249], Certificate
--> verify error:num=9:certificate is not yet valid
[tls] >>> TLS 1.0 Alert [length 0002], fatal bad_certificate
TLS Alert write:fatal:bad certificate
This error comes from within OpenSSL. FreeRADIUS just does what OpenSSL
tells it.
Can you verify the cert with the "openssl verify ..." test command? e.g.
try this:
openssl verify -CAfile ca.pem -purpose sslserver server.pem
If this fails as well, then it's either a problem in OpenSSL or your
system libraries with dates >2050. If it succeeds (which I doubt) then
FreeRADIUS should work too.
I sort of admire your effort to future-proof your certs though! ;o)
Cheers,
Phil
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html