OpenCA and eap/tls

Janis Pinkis Wed, 26 Mar 2003 01:34:27 -0800

Hi!

I'm new to freeradius and eap. So sorry for may be a stupid question.

I'm using:
OpenCA 0.9.1.1 for issuing certificates
freeradius-snapshot-20030324 with openssl-SNAP-20030323 as Radius server
*Cisco 350 Series AP 12.02T1* as wireless AP
xsupplicant-0.6 with openssl-9.7a as a 802.1x client.

Problem is, i never get authenticated. My question is, do i have to change some certificate generation options in OpenCA, to get it all working, or the problem is somewhere else?

Here are the last lines from radius log:

<<< TLS 1.0 Handshake [length 0abc], Certificate

chain-depth=1, error=0 --> User-Name = jpinkis --> BUF-Name = Certificate Authority --> subject = /C=LV/O=University of Latvia/OU=DoIT/CN=Certificate Authority/[EMAIL PROTECTED] --> issuer = /C=LV/O=University of Latvia/OU=DoIT/CN=Certificate Authority/[EMAIL PROTECTED] --> verify return:1 chain-depth=0, error=0 --> User-Name = jpinkis --> BUF-Name = jpinkis --> subject = /C=LV/O=University of Latvia/OU=Employees/CN=jpinkis/serialNumber=8 --> issuer = /C=LV/O=University of Latvia/OU=DoIT/CN=Certificate Authority/[EMAIL PROTECTED] --> verify return:1 TLS_accept: SSLv3 read client certificate A TLS_accept:error in SSLv3 read client key exchange A rlm_eap_tls: SSL_read Error Error code is ..... 2 SSL Error ..... 2 rlm_eap_tls: BIO_read Error Error code is ..... 2 SSL Error ..... 2 rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns ok modcall: group authenticate returns ok Delaying request 19 for 1 seconds Finished request 19 Going to the next request Waking up in 5 seconds... rad_recv: Access-Request packet from host 10.1.1.83:1625, id=75, length=1585 Sending Access-Reject of id 75 to 10.1.1.83:1625 EAP-Message = 0x04360004 Message-Authenticator = 0x00000000000000000000000000000000 --- Walking the entire request list --- Cleaning up request 14 ID 70 with timestamp 3e816ccf Cleaning up request 15 ID 71 with timestamp 3e816ccf Cleaning up request 16 ID 72 with timestamp 3e816ccf Cleaning up request 17 ID 73 with timestamp 3e816ccf Waking up in 1 seconds... --- Walking the entire request list --- Cleaning up request 18 ID 74 with timestamp 3e816cd0 Cleaning up request 19 ID 75 with timestamp 3e816cd0 Nothing to do. Sleeping until we see a request.

- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

OpenCA and eap/tls

Reply via email to