Hi,
I have a setup using EAP TLS with CRL check and I get sometimes correctly an
expired certificate presented. But why does Radiator continue with ab Access
Challenge instead of a Reject ?
Wed Nov 30 18:20:11 2011: DEBUG: Handling request with Handler
AuthType="radius"'
Wed Nov 30 18:20:11 2011: DEBUG: Deleting session for xxx, 10.10.10.10, 13
Wed Nov 30 18:20:11 2011: DEBUG: Handling with Radius::AuthFILE: EapTLS
Wed Nov 30 18:20:11 2011: DEBUG: Handling with EAP: code 2, 8, 689, 13
Wed Nov 30 18:20:11 2011: DEBUG: Response type 13
Wed Nov 30 18:20:11 2011: INFO: EAP TLS certificate verification failed:
certificate has expired, 23809: 1 - error:140890B2:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
Wed Nov 30 18:20:11 2011: DEBUG: EAP result: 3, EAP TLS Challenge
Wed Nov 30 18:20:11 2011: DEBUG: AuthBy FILE result: CHALLENGE, EAP TLS
Challenge
Wed Nov 30 18:20:11 2011: DEBUG: Access challenged for xxx: EAP TLS Challenge
Wed Nov 30 18:20:11 2011: DEBUG: Packet dump:
*** Sending to 10.1.1.1 port 32769 ....
Code: Access-Challenge
Identifier: 56
Authentic: (<183><181><167><240><188>2<186><243>d<247>d<248><12><151>+
Attributes:
EAP-Message = <1><9><0><17><13><128><0><0><0><7><21><3><1><0><2><2>-
Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Thank you
markus_______________________________________________
radiator mailing list
[email protected]
http://www.open.com.au/mailman/listinfo/radiator
