This is the client telling you it doesn't trust your server ca. Setup the
client correctly.
Danny Kurniawan <[email protected]> wrote:
>Hi All,
>
>I have some intermittent issue with our Radius auth.
>OS : SLES 11
>Radius 2.1.1
>
>We get the cert from GlobalSign and use it at the 2 Radius server. So
>Server A and Server B use the same cert.
>in Server B, ometimes it works fine to authenticate and sometimes its
>failed but everything fine in Server A.
>
>Fri Feb 22 18:31:39 2013 : Auth: Login OK: [sdholakia2] (from client
>AllWirelessAP port 0 via TLS tunnel)
>Fri Feb 22 18:31:39 2013 : Auth: Login OK: [sdholakia2] (from client
>AllWirelessAP port 0 cli A0-88-B4-0F-C3-D8)
>*Fri Feb 22 18:36:30 2013 : Error: TLS Alert read:fatal:unknown CA
>Fri Feb 22 18:36:30 2013 : Error: TLS_accept:failed in SSLv3 read
>client certificate A
>Fri Feb 22 18:36:30 2013 : Error: rlm_eap: SSL error error:14094418:SSL
>routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
>Fri Feb 22 18:36:30 2013 : Error: SSL: SSL_read failed inside of TLS
>(-1),
>TLS session fails.*
>Fri Feb 22 18:36:30 2013 : Auth: Login incorrect: [800200sq] (from
>client
>AllWirelessAP port 0 cli A0-88-B4-58-BA-8C)
>Fri Feb 22 18:37:34 2013 : Auth: Login OK: [800200sq] (from client
>AllWirelessAP port 0 via TLS tunnel)
>Fri Feb 22 18:37:34 2013 : Auth: Login OK: [800200sq] (from client
>AllWirelessAP port 0 cli A0-88-B4-0F-C3-D8)
>
>Any idea what should i check for that error?
>
>Thanks
>
>--
>Best Regards,
>Danny
>
>
>------------------------------------------------------------------------
>
>-
>List info/subscribe/unsubscribe? See
>http://www.freeradius.org/list/users.html
--
Sent from my mobile device, please excuse brevity and typos.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
