[RADIATOR] EAP-TLS not getting client cert

Christian Kratzer ck-lists at cksoft.de
Mon Jan 18 04:44:10 CST 2016


a customer of mine has a WLAN EAP-TLS setup where there is an issue that some
clients don't complete the EAP handshake.

When comparing the traces the issue with the failing clients seems to be
that after receiving the certificate from the radius server the clients
never send their client certificate.

The failing clients are all coming from another site which uses cisco 
instead of hp access points.

They claim they can connect fine at the site with hp access points.

Im arguing that the access points are irrelevant here and the clients
not sending their certificate is most propably because of certificate
issues on the client.

Would you all agree with this ?

I cannot think of any other reason but client misconfiguration when TLS
authentication would stop after sending of the server certificate.


Christian Kratzer                   CK Software GmbH
Email:   ck at cksoft.de               Wildberger Weg 24/2
Phone:   +49 7032 893 997 - 0       D-71126 Gaeufelden
Fax:     +49 7032 893 997 - 9       HRB 245288, Amtsgericht Stuttgart
Mobile:  +49 171 1947 843           Geschaeftsfuehrer: Christian Kratzer
Web:     http://www.cksoft.de/

More information about the radiator mailing list