I have a scenario where a certificate was generated using a 2048-bit key, and was signed by a CA using a 1024-bit key. The certificate is verified "OK" by openSSL, however when attempting a TLS or TTLS authentication the server fails with the following debug output:
Debug output (FreeRADIUS version 2.1.8.) Error: TLS_accept:failed in SSLv3 read client certificate A Error: rlm_eap: SSL error error:14094438:SSL routines:SSL3_READ_BYTES:tlsv1 alert internal error Error: SSL: SSL_read failed inside of TLS (-1), TLS session fails. The same error sequence occurs regardless of whether we use TLS or TTLS. I'm wondering if the mismatched certificate sizes could be a problem, and whether anyone else has seen this? When using a different set of certificates, but an otherwise unchanged server configuration, authentication is successful. Thanks, Diana ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
