Julian Stöver wrote: > I'm running Freeradius2 with EAP-TLS. I've created new certificates and > putted them into my certs-dir. Radius starts with no errors. But if I > try to login, I get this TLS Error: ... >> rlm_eap_tls: <<< TLS 1.0 Handshake [length 0467], Certificate >> --> verify error:num=18:self signed certificate >> rlm_eap_tls: >>> TLS 1.0 Alert [length 0002], fatal unknown_ca
You have given the client a self-signed certificate. You have given the server a completely *different* set of certificates. Since there is no common point of reference, the user cannot authenticate. You need to give the client a certificate that is signed by the server certificate. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
