Hi everybody,
Ik still have a problem with validating the server
certificate.
See the RASTLS log below:
----------------------------
[1280] 17:19:40:078: EapTlsInvokeIdentityUI [1280] 17:19:40:078: GetCertInfo [1280] 17:19:40:156: FCheckSCardCertAndCanOpenSilentContext [1280] 17:19:40:156: FGetEKUUsage [1280] 17:19:40:156: Acquiring Context for Container Name: {226FADA0-66DE-4423-BFBF-448D710E1BF2}, ProvName: Microsoft Base Cryptographic Provider v1.0, ProvType 0x1 [1280] 17:19:40:156: FCheckTimeValidity [1280] 17:19:40:156: Add Selected Cert to List [1280] 17:19:40:156: FCheckSCardCertAndCanOpenSilentContext [1280] 17:19:40:156: FGetEKUUsage [1280] 17:19:40:156: Acquiring Context for Container Name: {F4FC41A8-ECDF-4B9A-A613-A457D74DDFF8}, ProvName: Microsoft Enhanced Cryptographic Provider v1.0, ProvType 0x1 [1280] 17:19:40:156: FCheckTimeValidity [1280] 17:19:40:171: Add Selected Cert to List [1280] 17:19:40:171: GroupCertificates [1280] 17:19:46:750: [1280] 17:19:46:750: EapTlsBegin(Jurgen Tessers) [1280] 17:19:46:750: State change to Initial [1280] 17:19:46:750: EapTlsBegin: Detected 8021X authentication [1280] 17:19:46:750: MaxTLSMessageLength is now 16384 [1280] 17:19:46:750: [1280] 17:19:46:750: EapTlsMakeMessage(jurgen tessers) [1280] 17:19:46:750: >> Received Request (Code: 1) packet: Id: 1, Length: 6, Type: 13, TLS blob length: 0. Flags: S [1280] 17:19:46:750: EapTlsCMakeMessage [1280] 17:19:46:750: EapTlsReset [1280] 17:19:46:750: State change to Initial [1280] 17:19:46:750: GetCredentials [1280] 17:19:46:750: Flag is Client and Store is Current User [1280] 17:19:46:750: GetCachedCredentials [1280] 17:19:46:750: FreeCachedCredentials [1280] 17:19:46:750: AssociatePinWithCertificate [1280] 17:19:46:750: The name in the certificate is: Jurgen Tessers [1280] 17:19:46:750: Will validate server cert [1280] 17:19:46:796: MakeReplyMessage [1280] 17:19:46:796: SecurityContextFunction [1280] 17:19:46:796: InitializeSecurityContext returned 0x90312 [1280] 17:19:46:796: State change to SentHello [1280] 17:19:46:796: BuildPacket [1280] 17:19:46:796: << Sending Response (Code: 2) packet: Id: 1, Length: 80, Type: 13, TLS blob length: 70. Flags: L [2408] 17:19:46:812: [2408] 17:19:46:812: EapTlsMakeMessage(jurgen tessers) [2408] 17:19:46:812: >> Received Request (Code: 1) packet: Id: 2, Length: 1030, Type: 13, TLS blob length: 1020. Flags: L [2408] 17:19:46:812: EapTlsCMakeMessage [2408] 17:19:46:812: MakeReplyMessage [2408] 17:19:46:812: Reallocating input TLS blob buffer [2408] 17:19:46:812: SecurityContextFunction [2408] 17:19:46:968: InitializeSecurityContext returned 0x80096004 [2408] 17:19:46:968: State change to RecdFinished. Error: 0x80096004 [2408] 17:19:46:968: BuildPacket [2408] 17:19:46:968: << Sending Response (Code: 2) packet: Id: 2, Length: 6, Type: 13, TLS blob length: 0. Flags: [2408] 17:19:46:968: [2408] 17:19:46:968: EapTlsMakeMessage(jurgen tessers) [2408] 17:19:46:968: >> Received Request (Code: 1) packet: Id: 3, Length: 10, Type: 13, TLS blob length: 0. Flags: L [2408] 17:19:46:968: EapTlsCMakeMessage [2408] 17:19:46:968: Unexpected code: 1 in state RecdFinished [3744] 17:20:17:015: EapTlsEnd [3744] 17:20:17:015: EapTlsEnd(jurgen tessers) [3744] 17:20:17:015: Auth failed so freeing cached creds. [3744] 17:20:17:015: FreeCachedCredentials [3744] 17:20:17:015: [3744] 17:20:17:015: EapTlsBegin(Jurgen Tessers) [3744] 17:20:17:015: State change to Initial [3744] 17:20:17:015: EapTlsBegin: Detected 8021X authentication [3744] 17:20:17:015: MaxTLSMessageLength is now 16384 [3744] 17:20:17:015: [3744] 17:20:17:015: EapTlsMakeMessage(jurgen tessers) [3744] 17:20:17:015: >> Received Request (Code: 1) packet: Id: 2, Length: 6, Type: 13, TLS blob length: 0. Flags: S [3744] 17:20:17:015: EapTlsCMakeMessage [3744] 17:20:17:015: EapTlsReset [3744] 17:20:17:015: State change to Initial [3744] 17:20:17:015: GetCredentials [3744] 17:20:17:015: Flag is Client and Store is Current User [3744] 17:20:17:015: GetCachedCredentials [3744] 17:20:17:015: FreeCachedCredentials [3744] 17:20:17:015: AssociatePinWithCertificate [3744] 17:20:17:031: The name in the certificate is: Jurgen Tessers [3744] 17:20:17:031: Will validate server cert [3744] 17:20:17:031: MakeReplyMessage [3744] 17:20:17:031: SecurityContextFunction [3744] 17:20:17:031: InitializeSecurityContext returned 0x90312 [3744] 17:20:17:031: State change to SentHello [3744] 17:20:17:031: BuildPacket [3744] 17:20:17:031: << Sending Response (Code: 2) packet: Id: 2, Length: 80, Type: 13, TLS blob length: 70. Flags: L [1904] 17:20:17:046: [1904] 17:20:17:046: EapTlsMakeMessage(jurgen tessers) [1904] 17:20:17:046: >> Received Request (Code: 1) packet: Id: 3, Length: 1030, Type: 13, TLS blob length: 1020. Flags: L [1904] 17:20:17:046: EapTlsCMakeMessage [1904] 17:20:17:046: MakeReplyMessage [1904] 17:20:17:046: Reallocating input TLS blob buffer [1904] 17:20:17:046: SecurityContextFunction [1904] 17:20:17:062: InitializeSecurityContext returned 0x80096004 [1904] 17:20:17:062: State change to RecdFinished. Error: 0x80096004 [1904] 17:20:17:062: BuildPacket [1904] 17:20:17:062: << Sending Response (Code: 2) packet: Id: 3, Length: 6, Type: 13, TLS blob length: 0. Flags: [1904] 17:20:17:062: [1904] 17:20:17:062: EapTlsMakeMessage(jurgen tessers) [1904] 17:20:17:062: >> Received Request (Code: 1) packet: Id: 4, Length: 10, Type: 13, TLS blob length: 0. Flags: L [1904] 17:20:17:062: EapTlsCMakeMessage [1904] 17:20:17:062: Unexpected code: 1 in state RecdFinished [1904] 17:20:47:171: EapTlsEnd [1904] 17:20:47:171: EapTlsEnd(jurgen tessers) [1904] 17:20:47:171: Auth failed so freeing cached creds. [1904] 17:20:47:171: FreeCachedCredentials [1904] 17:20:47:171: [1904] 17:20:47:171: EapTlsBegin(Jurgen Tessers) [1904] 17:20:47:171: State change to Initial [1904] 17:20:47:171: EapTlsBegin: Detected 8021X authentication [1904] 17:20:47:171: MaxTLSMessageLength is now 16384 [1904] 17:20:47:171: [1904] 17:20:47:171: EapTlsMakeMessage(jurgen tessers) [1904] 17:20:47:171: >> Received Request (Code: 1) packet: Id: 2, Length: 6, Type: 13, TLS blob length: 0. Flags: S [1904] 17:20:47:171: EapTlsCMakeMessage [1904] 17:20:47:171: EapTlsReset [1904] 17:20:47:171: State change to Initial [1904] 17:20:47:171: GetCredentials [1904] 17:20:47:171: Flag is Client and Store is Current User [1904] 17:20:47:171: GetCachedCredentials [1904] 17:20:47:171: FreeCachedCredentials [1904] 17:20:47:187: AssociatePinWithCertificate [1904] 17:20:47:187: The name in the certificate is: Jurgen Tessers [1904] 17:20:47:187: Will validate server cert [1904] 17:20:47:187: MakeReplyMessage [1904] 17:20:47:187: SecurityContextFunction [1904] 17:20:47:187: InitializeSecurityContext returned 0x90312 [1904] 17:20:47:187: State change to SentHello [1904] 17:20:47:187: BuildPacket [1904] 17:20:47:187: << Sending Response (Code: 2) packet: Id: 2, Length: 80, Type: 13, TLS blob length: 70. Flags: L [1904] 17:20:47:203: [1904] 17:20:47:203: EapTlsMakeMessage(jurgen tessers) [1904] 17:20:47:203: >> Received Request (Code: 1) packet: Id: 3, Length: 1030, Type: 13, TLS blob length: 1020. Flags: L [1904] 17:20:47:203: EapTlsCMakeMessage [1904] 17:20:47:203: MakeReplyMessage [1904] 17:20:47:203: Reallocating input TLS blob buffer [1904] 17:20:47:203: SecurityContextFunction [1904] 17:20:47:203: InitializeSecurityContext returned 0x80096004 [1904] 17:20:47:203: State change to RecdFinished. Error: 0x80096004 [1904] 17:20:47:203: BuildPacket [1904] 17:20:47:203: << Sending Response (Code: 2) packet: Id: 3, Length: 6, Type: 13, TLS blob length: 0. Flags: [1904] 17:20:47:218: [1904] 17:20:47:218: EapTlsMakeMessage(jurgen tessers) [1904] 17:20:47:218: >> Received Request (Code: 1) packet: Id: 4, Length: 10, Type: 13, TLS blob length: 0. Flags: L [1904] 17:20:47:218: EapTlsCMakeMessage [1904] 17:20:47:218: Unexpected code: 1 in state RecdFinished [1904] 17:21:17:375: EapTlsEnd [1904] 17:21:17:375: EapTlsEnd(jurgen tessers) [1904] 17:21:17:375: Auth failed so freeing cached creds. [1904] 17:21:17:375: FreeCachedCredentials [1904] 17:21:17:375: [1904] 17:21:17:375: EapTlsBegin(Jurgen Tessers) [1904] 17:21:17:375: State change to Initial [1904] 17:21:17:375: EapTlsBegin: Detected 8021X authentication [1904] 17:21:17:375: MaxTLSMessageLength is now 16384 [1904] 17:21:17:375: [1904] 17:21:17:375: EapTlsMakeMessage(jurgen tessers) [1904] 17:21:17:375: >> Received Request (Code: 1) packet: Id: 2, Length: 6, Type: 13, TLS blob length: 0. Flags: S [1904] 17:21:17:375: EapTlsCMakeMessage [1904] 17:21:17:375: EapTlsReset [1904] 17:21:17:375: State change to Initial [1904] 17:21:17:375: GetCredentials [1904] 17:21:17:375: Flag is Client and Store is Current User [1904] 17:21:17:375: GetCachedCredentials [1904] 17:21:17:375: FreeCachedCredentials [1904] 17:21:17:390: AssociatePinWithCertificate [1904] 17:21:17:390: The name in the certificate is: Jurgen Tessers [1904] 17:21:17:390: Will validate server cert [1904] 17:21:17:390: MakeReplyMessage [1904] 17:21:17:390: SecurityContextFunction [1904] 17:21:17:390: InitializeSecurityContext returned 0x90312 [1904] 17:21:17:390: State change to SentHello [1904] 17:21:17:390: BuildPacket [1904] 17:21:17:390: << Sending Response (Code: 2) packet: Id: 2, Length: 80, Type: 13, TLS blob length: 70. Flags: L [1904] 17:21:17:406: [1904] 17:21:17:406: EapTlsMakeMessage(jurgen tessers) [1904] 17:21:17:406: >> Received Request (Code: 1) packet: Id: 3, Length: 1030, Type: 13, TLS blob length: 1020. Flags: L [1904] 17:21:17:406: EapTlsCMakeMessage [1904] 17:21:17:406: MakeReplyMessage [1904] 17:21:17:406: Reallocating input TLS blob buffer [1904] 17:21:17:406: SecurityContextFunction [1904] 17:21:17:406: InitializeSecurityContext returned 0x80096004 [1904] 17:21:17:406: State change to RecdFinished. Error: 0x80096004 [1904] 17:21:17:406: BuildPacket [1904] 17:21:17:406: << Sending Response (Code: 2) packet: Id: 3, Length: 6, Type: 13, TLS blob length: 0. Flags: [1904] 17:21:17:421: [1904] 17:21:17:421: EapTlsMakeMessage(jurgen tessers) [1904] 17:21:17:421: >> Received Request (Code: 1) packet: Id: 4, Length: 10, Type: 13, TLS blob length: 0. Flags: L [1904] 17:21:17:421: EapTlsCMakeMessage [1904] 17:21:17:421: Unexpected code: 1 in state RecdFinished [1904] 17:21:47:546: EapTlsEnd [1904] 17:21:47:546: EapTlsEnd(jurgen tessers) [1904] 17:21:47:546: Auth failed so freeing cached creds. [1904] 17:21:47:546: FreeCachedCredentials [1904] 17:21:47:546: [1904] 17:21:47:546: EapTlsBegin(Jurgen Tessers) [1904] 17:21:47:546: State change to Initial [1904] 17:21:47:546: EapTlsBegin: Detected 8021X authentication [1904] 17:21:47:546: MaxTLSMessageLength is now 16384 [1904] 17:21:47:546: [1904] 17:21:47:546: EapTlsMakeMessage(jurgen tessers) [1904] 17:21:47:546: >> Received Request (Code: 1) packet: Id: 2, Length: 6, Type: 13, TLS blob length: 0. Flags: S [1904] 17:21:47:546: EapTlsCMakeMessage [1904] 17:21:47:546: EapTlsReset [1904] 17:21:47:546: State change to Initial [1904] 17:21:47:546: GetCredentials [1904] 17:21:47:546: Flag is Client and Store is Current User [1904] 17:21:47:546: GetCachedCredentials [1904] 17:21:47:546: FreeCachedCredentials [1904] 17:21:47:562: AssociatePinWithCertificate [1904] 17:21:47:562: The name in the certificate is: Jurgen Tessers [1904] 17:21:47:562: Will validate server cert [1904] 17:21:47:562: MakeReplyMessage [1904] 17:21:47:562: SecurityContextFunction [1904] 17:21:47:562: InitializeSecurityContext returned 0x90312 [1904] 17:21:47:562: State change to SentHello [1904] 17:21:47:562: BuildPacket [1904] 17:21:47:562: << Sending Response (Code: 2) packet: Id: 2, Length: 80, Type: 13, TLS blob length: 70. Flags: L [1904] 17:21:47:578: [1904] 17:21:47:578: EapTlsMakeMessage(jurgen tessers) [1904] 17:21:47:578: >> Received Request (Code: 1) packet: Id: 3, Length: 1030, Type: 13, TLS blob length: 1020. Flags: L [1904] 17:21:47:578: EapTlsCMakeMessage [1904] 17:21:47:578: MakeReplyMessage [1904] 17:21:47:578: Reallocating input TLS blob buffer [1904] 17:21:47:578: SecurityContextFunction [1904] 17:21:47:578: InitializeSecurityContext returned 0x80096004 [1904] 17:21:47:578: State change to RecdFinished. Error: 0x80096004 [1904] 17:21:47:578: BuildPacket [1904] 17:21:47:578: << Sending Response (Code: 2) packet: Id: 3, Length: 6, Type: 13, TLS blob length: 0. Flags: [1904] 17:21:47:593: [1904] 17:21:47:593: EapTlsMakeMessage(jurgen tessers) [1904] 17:21:47:593: >> Received Request (Code: 1) packet: Id: 4, Length: 10, Type: 13, TLS blob length: 0. Flags: L [1904] 17:21:47:593: EapTlsCMakeMessage [1904] 17:21:47:593: Unexpected code: 1 in state RecdFinished [1904] 17:22:17:593: EapTlsEnd [1904] 17:22:17:593: EapTlsEnd(jurgen tessers) [1904] 17:22:17:593: Auth failed so freeing cached creds. [1904] 17:22:17:593: FreeCachedCredentials [1904] 17:22:17:593: [1904] 17:22:17:593: EapTlsBegin(Jurgen Tessers) [1904] 17:22:17:593: State change to Initial [1904] 17:22:17:593: EapTlsBegin: Detected 8021X authentication [1904] 17:22:17:593: MaxTLSMessageLength is now 16384 [1904] 17:22:17:593: [1904] 17:22:17:593: EapTlsMakeMessage(jurgen tessers) [1904] 17:22:17:593: >> Received Request (Code: 1) packet: Id: 2, Length: 6, Type: 13, TLS blob length: 0. Flags: S [1904] 17:22:17:593: EapTlsCMakeMessage [1904] 17:22:17:593: EapTlsReset [1904] 17:22:17:593: State change to Initial [1904] 17:22:17:593: GetCredentials [1904] 17:22:17:593: Flag is Client and Store is Current User [1904] 17:22:17:593: GetCachedCredentials [1904] 17:22:17:593: FreeCachedCredentials [1904] 17:22:17:609: AssociatePinWithCertificate [1904] 17:22:17:609: The name in the certificate is: Jurgen Tessers [1904] 17:22:17:609: Will validate server cert [1904] 17:22:17:609: MakeReplyMessage [1904] 17:22:17:609: SecurityContextFunction [1904] 17:22:17:609: InitializeSecurityContext returned 0x90312 [1904] 17:22:17:609: State change to SentHello [1904] 17:22:17:609: BuildPacket [1904] 17:22:17:609: << Sending Response (Code: 2) packet: Id: 2, Length: 80, Type: 13, TLS blob length: 70. Flags: L [1904] 17:22:17:625: [1904] 17:22:17:625: EapTlsMakeMessage(jurgen tessers) [1904] 17:22:17:625: >> Received Request (Code: 1) packet: Id: 3, Length: 1030, Type: 13, TLS blob length: 1020. Flags: L [1904] 17:22:17:625: EapTlsCMakeMessage [1904] 17:22:17:625: MakeReplyMessage [1904] 17:22:17:625: Reallocating input TLS blob buffer [1904] 17:22:17:625: SecurityContextFunction [1904] 17:22:17:625: InitializeSecurityContext returned 0x80096004 [1904] 17:22:17:625: State change to RecdFinished. Error: 0x80096004 [1904] 17:22:17:625: BuildPacket [1904] 17:22:17:625: << Sending Response (Code: 2) packet: Id: 3, Length: 6, Type: 13, TLS blob length: 0. Flags: [1904] 17:22:17:640: [1904] 17:22:17:640: EapTlsMakeMessage(jurgen tessers) [1904] 17:22:17:640: >> Received Request (Code: 1) packet: Id: 4, Length: 10, Type: 13, TLS blob length: 0. Flags: L [1904] 17:22:17:640: EapTlsCMakeMessage [1904] 17:22:17:640: Unexpected code: 1 in state RecdFinished |
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html