Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Freeradius eap-ttls

    Scheduled Pinned Locked Moved Français
    1 Posts 1 Posters 923 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      floflo59260
      last edited by

      Bonjour,

      J'ai installé freeradius v 2 sur pfsense mais je n'arrive pas à m'authentifier avec eap-ttls sur un client windows 7, j'ai le message suivant sur pfsense:

      TLS Alert read:fatal:unknown CA
      Jun 5 14:14:16 radiusd[21064]: TLS_accept: failed in SSLv3 read client certificate A
      Jun 5 14:14:16 radiusd[21064]: rlm_eap: SSL error error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
      Jun 5 14:14:16 radiusd[21064]: SSL: SSL_read failed inside of TLS (-1), TLS session fails.
      Jun 5 14:14:16 radiusd[21064]: Login incorrect (TLS Alert read:fatal:unknown CA): [Nicolas] (from client ap port 532 cli 0014.d16a.07d2)

      J'ai mis le certificat CA sur la machine client mais apparemment, il ne connaît pas le certificat.
      J'ai généré les certificats CA, server et client avec cert manager sur pfsense. On sait s 'il faut auto-signé le CA. Quelle(s) est(sont) le(s) certificat(s) à mettre sur la machine client.

      Help me.

      Merci

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.