Karthik R wrote: > I'm trying to configure freeradius2.0.3 to authenticate wireless users > against AD.
You should probably use 2.0.4, for a number of reasons. > Installed CA.der certificate alone on the windows xp supplicant, i didnt > generate individual client certificate as i dont want the users to be > have less task to configure wireless . As per my understanding and in > previous freeradius it worked this way installing root.der certificate > alone and without individual supplicant certificate. Yes. > I'm unable to authenticate the users against AD. can someone throw some > light here. Attached the log message. >... > routines:SSL3_SEND_SERVER_KEY_EXCHANGE:missing tmp rsa key > rlm_eap_tls: SSL_read failed in a system call (-1), TLS session fails. Weird. I've never seen that before. It looks like the Windows machine is not doing all of the SSL exchange. Try un-checking "validate server certificate" on the Windows box. It's not a good idea for production use, but it may help for testing. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html