Frank wrote: > I now get the following error in my radius log on an auth attempt: > > Error: TLS Alert write:fatal:decrypt error > Error: TLS_accept: failed in SSLv3 read certificate verify B > Error: rlm_eap: SSL error error:0407006A:rsa > routines:RSA_padding_check_PKCS1_type_1:block type is not 01 > Error: SSL: SSL_read failed inside of TLS (-1), TLS session fails.
The client is broken. > Now there's several issues: > - I don't know what I changed which caused this behaviour (maybe an openssl > update in Squeeze? Something changes in Windows Vista?) No. > - the client certificates are valid (tested with openssl cli), and work fine > when using for WPA auth > - I don't really know what this error means > - I can't find a solution for it. I've tried: 2048 bit (vs. 4096 bit) RSA > certs and the extensions for XP for both the server and client certs > > Again, the same certificates work fine for WPA auth Which doesn't use certificates. > I hope someone can shed some light onto this issue, or how to pin down the > exact cause of the 'rsa routines:RSA_padding_check_PKCS1_type_1:block type is > not 01' error. Find out which client it is. Mac? Windows? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
