[RADIATOR] Unknown SSL errors
Michael Hulko
mihulko at uwo.ca
Tue Nov 2 10:28:03 CDT 2010
Yes... most clients are working. We are struggling a little bit with the clients having duplicate Thawte root options (mostly Vista users), but overall it appears to be small in number.
Thanks
MH
-----Original Message-----
From: Sami Keski-Kasari [mailto:samikk at archred.com]
Sent: Tuesday, November 02, 2010 11:00 AM
To: Michael Hulko; radiator at open.com.au
Subject: Re: [RADIATOR] Unknown SSL errors
Hi Michael,
Is PEAP working at all?
If it is working for some clients, I think that some user agents are configured to use wrong ca certificate.
--
Sami
"Michael Hulko" <mihulko at uwo.ca> wrote:
>I have noticed an increase in the following log messages. Are these
>user based issues or is this a server based issue. We are currently
>running version 4.5 and recently upgraded the certificates on the
>server to 2048 bits from Thawte. Attached is the config with secrets
>removed. Please advise if I should be concerned or is this normal.
>
>
>
>ERR: EAP PEAP TLS Handshake unsuccessful: 5928: 1 - error:14094418:SSL
>routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
>
>ERR: EAP PEAP TLS read failed: 5928: 1 - error:1408F455:SSL
>routines:SSL3_GET_RECORD:decryption failed or bad record mac
>
>ERR: EAP PEAP TLS read failed: 5928: 1 - error:140D2081:SSL
>routines:TLS1_ENC:block cipher pad is wrong
>
>
>
>Much appreciated.
>
>
>
>
>
>Michael Hulko
>
>Network Analyst
>
>
>
>University of Western Ontario
>
>Network Operations Centre
>
>Information Technology Services
>
>
>
>1393 Western Road, SSB 3300CC
>
>London, Ontario N6G 1G9
>
>
>
>tel: 519-661-2111 x81390
>
>e-mail: mihulko at uwo.ca
>
>_______________________________________________
>radiator mailing list
>radiator at open.com.au
>http://www.open.com.au/mailman/listinfo/radiator
--
Sami
More information about the radiator
mailing list