]: TLS Alert read:fatal:unknown CA Feb
23 13:05:07 avocet radiusd[15992]: rlm_eap: SSL error error:14094418:SSL
routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
If we're not using EAP-TLS but rather PEAP, EAP-TTLS-MSCHAPv2 do we really
need to uncomment the CA_file variable? The docs seem
in the certificate_file
And I'm getting these errors logged from time to time.
Feb 23 13:05:07 avocet radiusd[15992]: TLS Alert read:fatal:unknown CA Feb
23 13:05:07 avocet radiusd[15992]: rlm_eap: SSL error error:14094418:SSL
routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
the client has tried
private cert using the bootstrap
script (I did, of course, change the parameters to suit my needs) and I now
have my shiny new private cert...however, after I import the new cert into my
clients I am still getting the unknown CA error in my FR debug. The client is
obstinently silent, which makes me
.
That being said, I have generated the new private cert using the
bootstrap script (I did, of course, change the parameters to suit my
needs) and I now have my shiny new private cert…however, after I import
the new cert into my clients I am still getting the unknown CA error in
my FR debug
Hi,
What cert should I import into the client and in what cert store location
should I put in? The clients are windows based BTW (usually Win 7)
THANKS for all your help.
you should take the nice windows friendly server.der one win vista and 7
both
handle these fine - for
The typical way to look at certs on a Windows system is to open IE,
pull down the Tools menu, select Internet Options
On Vista, and Win7 there is a Control Panel selection Internet Options
that gets you to the same place.
Select the Content tab, Certificate is a button half-way down.
I have imported the ca.der into BOTH the trusted root CA store and the
Third-Party Root CA store, still I get the unknown CA error.
I must be doing something wrong, as per Alan's advice I did visit
deployingradius.com, I there it mentions that the validate server cert check
box must
Hi,
I must be doing something wrong, as per Alan's advice I did visit
deployingradius.com, I there it mentions that the validate server cert check
box must be selected in the 802.1x supplicant config, however I cannot seem
to find where to configure that option BEFORE the first successful
have been modified accordingly.
I have copied ca.pem, client.pem to device filesystem.Private key has been
extracted from client.pem.
Since last week I am trying to authenticate freeradius server but I am
getting error like Unknown CA.
Please see attached radius logs.
When I verify client
copied ca.pem, client.pem to device filesystem.Private key has been
extracted from client.pem.
Since last week I am trying to authenticate freeradius server but I am
getting error like Unknown CA.
Please see attached radius logs.
When I verify client certificate using openssl verify -CApath
Hi,
I have configured the radius server to authenticate EAP-PEAP-MSCHAPv2
I have followed the steps mentioned in the following link.
http://wiki.freeradius.org/WPA_HOWTO
But the client is not able to authenticate.
I am attaching the radiusd log.
The log shows a Unknown CA error.
Can anyone help
11 matches
Mail list logo
