You can also add the following to a file called xpextensions....
RPM-vmware ssl # cat xpextensions
[ xpclient_ext] extendedKeyUsage = 1.3.6.1.5.5.7.3.2
[ xpserver_ext ] extendedKeyUsage = 1.3.6.1.5.5.7.3.1
Then when you sign the cert, you add -extfile = xpextensions
That should get rid of the error, I believe I found all of this in the
EAP-TLS howto, right off the main page of the freeradius site.
-BOb
Alan DeKok wrote:
=?ISO-8859-15?Q?Frank_B=FCttner?= <[EMAIL PROTECTED]> wrote:
When a client try to log in with an valid certificate it works. But I
get this error:
TLS_accept:error in SSLv3 read client certificate A
Ignore it.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
