[RADIATOR] tlsv1 errors
Heikki Vatiainen
hvn at open.com.au
Mon Jul 9 16:08:20 CDT 2012
On 07/09/2012 06:10 PM, Alex Sharaz wrote:
> Wed Apr 18 02:13:42 2012: ERR: EAP PEAP TLS read failed: 1116: 1 -
> error:14094419:SSL routines:SSL3_READ_BYTES:tlsv1 alert access denied
This is the client telling Radiator it did not like Radiator's certificate.
> I'm currently trying to figure out whether all the failures are
> associated with one of our University built images but would really
> appreciate any hints as to what "tlsv1 alert access denied" actually means
You could check this:
http://www.open.com.au/pipermail/radiator/2012-January/017945.html
and also see Microsoft requirements for their clients:
http://technet.microsoft.com/en-us/library/cc731363.aspx
For example with OpenSSL you need to have this configuration file option
when creating certificates:
extendedKeyUsage = serverAuth
Please let us know how it goes.
Thanks,
Heikki
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list