[RADIATOR] Unknown SSL errors

Michael Hulko mihulko at uwo.ca
Tue Nov 2 10:28:03 CDT 2010


Yes... most clients are working.  We are struggling a little bit with the clients having duplicate Thawte root options (mostly Vista users), but overall it appears to be small in number. 

Thanks
MH

-----Original Message-----
From: Sami Keski-Kasari [mailto:samikk at archred.com] 
Sent: Tuesday, November 02, 2010 11:00 AM
To: Michael Hulko; radiator at open.com.au
Subject: Re: [RADIATOR] Unknown SSL errors

Hi Michael,

Is PEAP working at all?
If it is working for some clients, I think that some user agents are configured to use wrong ca certificate.

-- 
Sami

"Michael Hulko" <mihulko at uwo.ca> wrote:

>I have noticed an increase in the following log messages.  Are these
>user based issues or is this a server based issue.  We are currently
>running version 4.5 and recently upgraded the certificates on the
>server to 2048 bits from Thawte.  Attached is the config with secrets
>removed.  Please advise if I should be concerned or is this normal.
>
> 
>
>ERR: EAP PEAP TLS Handshake unsuccessful:  5928: 1 - error:14094418:SSL
>routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
>
>ERR: EAP PEAP TLS read failed:  5928: 1 - error:1408F455:SSL
>routines:SSL3_GET_RECORD:decryption failed or bad record mac
>
>ERR: EAP PEAP TLS read failed:  5928: 1 - error:140D2081:SSL
>routines:TLS1_ENC:block cipher pad is wrong
>
> 
>
>Much appreciated.
>
> 
>
> 
>
>Michael Hulko
>
>Network Analyst
>
> 
>
>University of Western Ontario
>
>Network Operations Centre
>
>Information Technology Services
>
> 
>
>1393 Western Road, SSB 3300CC
>
>London, Ontario  N6G 1G9
>
> 
>
>tel: 519-661-2111 x81390
>
>e-mail: mihulko at uwo.ca
>
>_______________________________________________
>radiator mailing list
>radiator at open.com.au
>http://www.open.com.au/mailman/listinfo/radiator

-- 
Sami



More information about the radiator mailing list