>I know, but what he does not understand is how to referee when you talk >about "cabundle" because what I have in / cert are the certificates that I >made in the steps of README, which I did not serve for windows, that the >back to delete? >when I run the command openssl x509-inform PEM-in-outform DER ca.pem-out >ca.der, nothing changes, run and I created a "ca.der," what amount to the >notebook and again gives me the same error.
cabundle is not created by freeradius - you have to do that. You have quoted the information that I gave about creating cabundle in your first post (thread had something with CA.all in the title). Add ca.pem and server.pem into a cabundle.pem; convert cabundle.pem into cabundle.der; import cabundle.der onto the client (instead of ca.der). All the information about doing this is available to you. Use it. Ivan Kalik Kalik Informatika ISP > > > > >log: > > >Sending Access-Challenge of id 190 to 10.0.31.40 port 1645 > EAP-Message = >0x010404000dc000000b44160301004a02000046030148f7681908289a36972e0c3b15b0d971036bbe355b9d493d5a4fced4e392e7792010d59ced27c0ac19921ee9205fcc168bbcd8e2e324c80acc31fd8076d8ecc48000390016030108390b000835000832000396308203923082027aa003020102020101300d06092a864886f70d010104050030818c310b3009060355040613024152311530130603550408130c4275656e6f73204169726573311430120603550407130b5265636f6e717569737461310e300c060355040a130549504c414e3120301e06092a864886f70d0109011611636572744069706c616e2e636f6d2e6172311e301c060355 > EAP-Message = >0x04031315436572746966696361746520417574686f72697479301e170d3038313031303134353031385a170d3039313031303134353031385a3073310b3009060355040613024152311530130603550408130c4275656e6f73204169726573310e300c060355040a130549504c414e311b3019060355040313125365727665722043657274696669636174653120301e06092a864886f70d0109011611636572744069706c616e2e636f6d2e617230820122300d06092a864886f70d01010105000382010f003082010a0282010100bacfd3d0fa48b30002182ca8ac9a31672b4ad7dcd6b45d7df598774e7af3c4d6cd46447144260ae3daac561a93e7 > EAP-Message = >0xd97d8a9889591b5cd3cf6924d4dc5aaa78a8013bde946b633e51abb4b6150fbe66a8743dd34a887f5c731a685c811c5660ba3d68abd028679464d28af4171dea0a3e99a80ba7b75c10d3c5480a319ea9b9ca6a9d14536b6524eb6f559b10f8f326d612836e88d2b28e03a574ede8b7a7bfdde0a7846543a713bb279c81bb681e50609c10ca2b2f5b6b4b2c1683c9a60ae8c7121ce2a81fc124189d4f356dee804a45b49f71547f788006bc247c65a98e81c2359cc537ef1c65d8137aa6cf6b2aff605d4da97c7a5abad17885608d027ddc370203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d010104 > EAP-Message = >0x050003820101008c4607f2629625d8c81fce1a7e3afddd78428b75078cd3d8e56f27c48c18af5aa4bd56bc0cb18b750abdaf2d2c275f280a10f96b7768982115fde0abe0f0efa32fc684ce1d15512346aae7e8bef802a06b2f4b5013614208f5d32916532e9ba00b2a24da3cf20fdd7137b6792b80a508b0ccd5781446eed07f2afe8b132818d4e82c94200f8561b80f55550f9eb8db6cdb5ad6efa0588cfd3bcfbdfd329ce85ccf598ffdc95d5b06a4b7e2ef5b77fb895acf66969780419bdc0c8c0ecfe9d3978ffafcde51868b257f8c14cf2669cce1d7a6c4b0a3868e9bfff3408d694f2250ff3b9e730ceed97d84e6f21e80062326d63c771a946d > EAP-Message = 0x4d7692a192d9ca4b95110004 > Message-Authenticator = 0x00000000000000000000000000000000 > State = 0xfec434f0fcc03929b80b395aebf61421 >Thu Oct 16 13:13:13 2008 : Debug: Finished request 142. >Thu Oct 16 13:13:13 2008 : Debug: Going to the next request >Thu Oct 16 13:13:13 2008 : Debug: Waking up in 4.3 seconds. >rad_recv: Access-Request packet from host 10.0.31.40 port 1645, id=191, >length=151 > User-Name = "cert" > Framed-MTU = 1400 > Called-Station-Id = "0019.2fdb.9e00" > Calling-Station-Id = "001f.3c22.44c5" > Service-Type = Login-User > Message-Authenticator = 0xa1b889b6c699680d2ff044a1cc9a3ba6 > EAP-Message = 0x020400060d00 > NAS-Port-Type = Wireless-802.11 > NAS-Port = 1194 > State = 0xfec434f0fcc03929b80b395aebf61421 > NAS-IP-Address = 10.0.31.40 > NAS-Identifier = "ap-Reconquista-31" >Thu Oct 16 13:13:13 2008 : Debug: +- entering group authorize >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: calling preprocess >(rlm_preprocess) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: returned from >preprocess (rlm_preprocess) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: ++[preprocess] returns ok >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: calling chap >(rlm_chap) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: returned from chap >(rlm_chap) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: ++[chap] returns noop >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: calling mschap >(rlm_mschap) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: returned from >mschap (rlm_mschap) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: ++[mschap] returns noop >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: calling suffix >(rlm_realm) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: rlm_realm: No '@' in User-Name = >"cert", looking up realm NULL >Thu Oct 16 13:13:13 2008 : Debug: rlm_realm: No such realm "NULL" >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: returned from >suffix (rlm_realm) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: ++[suffix] returns noop >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: calling eap >(rlm_eap) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: rlm_eap: EAP packet type response id 4 >length 6 >Thu Oct 16 13:13:13 2008 : Debug: rlm_eap: No EAP Start, assuming it's an >on-going EAP conversation >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: returned from eap >(rlm_eap) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: ++[eap] returns updated >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: calling unix >(rlm_unix) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: returned from unix >(rlm_unix) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: ++[unix] returns notfound >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: calling files >(rlm_files) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: users: Matched entry cert at line 76 >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: returned from >files (rlm_files) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: ++[files] returns ok >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: calling expiration >(rlm_expiration) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: returned from >expiration (rlm_expiration) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: ++[expiration] returns noop >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: calling logintime >(rlm_logintime) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: returned from >logintime (rlm_logintime) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: ++[logintime] returns noop >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: calling pap >(rlm_pap) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: rlm_pap: Found existing Auth-Type, not >changing it. >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authorize]: returned from pap >(rlm_pap) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: ++[pap] returns noop >Thu Oct 16 13:13:13 2008 : Debug: rad_check_password: Found Auth-Type EAP >Thu Oct 16 13:13:13 2008 : Debug: auth: type "EAP" >Thu Oct 16 13:13:13 2008 : Debug: +- entering group authenticate >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authenticate]: calling eap >(rlm_eap) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: rlm_eap: Request found, released from >the list >Thu Oct 16 13:13:13 2008 : Debug: rlm_eap: EAP/tls >Thu Oct 16 13:13:13 2008 : Debug: rlm_eap: processing type tls >Thu Oct 16 13:13:13 2008 : Debug: rlm_eap_tls: Authenticate >Thu Oct 16 13:13:13 2008 : Debug: rlm_eap_tls: processing TLS >Thu Oct 16 13:13:13 2008 : Debug: rlm_eap_tls: Received EAP-TLS ACK message >Thu Oct 16 13:13:13 2008 : Debug: rlm_eap_tls: ack handshake fragment >handler >Thu Oct 16 13:13:13 2008 : Debug: eaptls_verify returned 1 >Thu Oct 16 13:13:13 2008 : Debug: eaptls_process returned 13 >Thu Oct 16 13:13:13 2008 : Debug: modsingle[authenticate]: returned from >eap (rlm_eap) for request 143 >Thu Oct 16 13:13:13 2008 : Debug: ++[eap] returns handled > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
