I'm happy to be wrong about this, but in my experience, this parameter: -CApath ca.pem
Needs to be an actual path, not a PEM CA file, where you have performed these steps: download certificate authority cert in PEM format run c_rehash . (openssl script) On Thu, May 15, 2008 at 10:37 AM, Avinash Patil <[EMAIL PROTECTED]> wrote: > Hi All, > > I am trying to use authenticate one embedded WLAN device with using > freeRadius server 2.0.4 > > I have radiusd.conf,client.conf files as per my configuration. > I have created certificates using bootstrap script.Values in > ca.cnf,client.cnf and server.cnf have been modified accordingly. > > I have copied ca.pem, client.pem to device filesystem.Private key has been > extracted from client.pem. > > Since last week I am trying to authenticate freeradius server but I am > getting error like "Unknown CA". > Please see attached radius logs. > > When I verify client certificate using "openssl verify -CApath ca.pem > client.pem" > I see following error: > > Error 20 at depth 0 lookup : unable to get local issuer certificate. > > Device is already tested with Windows 2003 server's TLS(of course with > different set of certificates :<) ) and it is working fine. > What will be possible reason behind this and where am I going wrong? > > Appreciate your help. > > Thanks and Regards, > > Avinash. > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
