So, you should probably create a new certificate with a certified CA or a correct own CA. Install openssl and follow a howto on creating new certificates. Make sure you match Common Name to server.domainname Furthermore change certificate options (like password) in eap.conf.
gr, jelle > > rlm_eap_tls: <<< TLS 1.0 Handshake [length 0377], Certificate --> verify > error:num=20:unable to get local issuer certificate > chain-depth=0, > error=20 > --> User-Name = mike > --> BUF-Name = mike > --> subject = /C=NL/ST=Netherlands/O=C2C/CN=mike/[EMAIL PROTECTED] > --> issuer = > /C=NL/ST=Netherlands/O=C2C/CN=BDHZ_server/[EMAIL PROTECTED] > --> verify return:0 > rlm_eap_tls: >>> TLS 1.0 Alert [length 0002], fatal unknown_ca TLS Alert > write:fatal:unknown CA > TLS_accept:error in SSLv3 read client certificate B > 6996:error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate > returned:s3_srvr.c:2004: > rlm_eap_tls: SSL_read failed in a system call (-1), TLS session fails. >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
