On 07/09/2012 06:10 PM, Alex Sharaz wrote: > Wed Apr 18 02:13:42 2012: ERR: EAP PEAP TLS read failed: 1116: 1 - > error:14094419:SSL routines:SSL3_READ_BYTES:tlsv1 alert access denied
This is the client telling Radiator it did not like Radiator's certificate. > I'm currently trying to figure out whether all the failures are > associated with one of our University built images but would really > appreciate any hints as to what "tlsv1 alert access denied" actually means You could check this: http://www.open.com.au/pipermail/radiator/2012-January/017945.html and also see Microsoft requirements for their clients: http://technet.microsoft.com/en-us/library/cc731363.aspx For example with OpenSSL you need to have this configuration file option when creating certificates: extendedKeyUsage = serverAuth Please let us know how it goes. Thanks, Heikki -- Heikki Vatiainen <[email protected]> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
