WPA, EAP-TLS on FreeRADIUS no auth possible
Jouni Malinen
j
Thu Aug 16 19:29:54 PDT 2007
On Thu, Aug 16, 2007 at 03:37:54PM +0200, Alexandros Gougousoudis wrote:
> indicating an eap error, aftern increasing the debug level I get this as
> a possible purpose:
>
> rlm_eap: NAK asked for bad type 0
> rlm_eap: Failed in EAP select
Your debug log from wpa_supplicant does not seem to show a run that
would trigger this failure, but anyway, it looks like the issue is in
use of incorrect wpa_supplicant configuration for EAP-TLS:
> eap=TLS
> identity="scit-acer"
> ca_cert="/etc/cert/ServiceCenter-IT_KHB_HfM_HfS-cacert.pem"
> client_cert="/etc/cert/scit-acer-cert.pem"
> # private_key="/etc/cert/scit-acer-key-mp.pem"
> # private_key_passwd="xxxxx"
EAP-TLS uses client certificate and private key. You have only
configured the certificate. private_key will also need to be configured
to allow EAP-TLS to be used to authenticate the user.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list