EAP-TLS error

Raghavendra. S raghavendra.akkasali
Tue Jan 8 00:03:09 PST 2008


Hi All,

 I am testing EAP-TLS with wpa supplicant-0.5.9. I have following config file.

# cat /tmp/wpa_supplicant.conf.tmp
ctrl_interface=/var/run/wpa_supplicant
ap_scan=1
fast_reauth=1
eapol_version=1

network={
                ssid="3Com"
                proto=WPA
                scan_ssid=1
                key_mgmt=WPA-EAP IEEE8021X
                pairwise=TKIP
                group=TKIP
                eap=TLS
                identity="jbibe"
                ca_cert="/tmp/certs/root.pem"
                client_cert="/tmp/certs/cert-clt.pem"
                private_key="/tmp/certs/cert-clt.pem"
                private_key_passwd="whatever"
}

please find wpa supplicant failure log for EAP-TLS.

# ./wpa_supplicant -Dwext -ieth0 -c /tmp/wpa_supplicant.conf.tmp -w -ddd
Initializing interface 'eth0' conf '/tmp/wpa_supplicant.conf.tmp'
driver 'wext' ctrl_interface 'N/A' bridge 'N/A'
Configuration file '/tmp/wpa_supplicant.conf.tmp' ->
'/tmp/wpa_supplicant.conf.tmp'
Reading configuration file '/tmp/wpa_supplicant.conf.tmp'
ctrl_interface='/var/run/wpa_supplicant'
ap_scan=1
fast_reauth=1
eapol_version=1
Line: 6 - start of a new network block
ssid - hexdump_ascii(len=4):
     33 43 6f 6d                                       3Com
proto: 0x1
scan_ssid=1 (0x1)
key_mgmt: 0x9
pairwise: 0x8
group: 0x8
eap methods - hexdump(len=16): 00 00 00 00 0d 00 00 00 00 00 00 00 00 00 00 00
identity - hexdump_ascii(len=5):
     6a 62 69 62 65                                    jbibe
ca_cert - hexdump_ascii(len=19):
     2f 74 6d 70 2f 63 65 72 74 73 2f 72 6f 6f 74 2e   /tmp/certs/root.
     70 65 6d                                          pem
client_cert - hexdump_ascii(len=23):
     2f 74 6d 70 2f 63 65 72 74 73 2f 63 65 72 74 2d   /tmp/certs/cert-
     63 6c 74 2e 70 65 6d                              clt.pem
private_key - hexdump_ascii(len=23):
     2f 74 6d 70 2f 63 65 72 74 73 2f 63 65 72 74 2d   /tmp/certs/cert-
     63 6c 74 2e 70 65 6d                              clt.pem
private_key_passwd - hexdump_ascii(len=8): [REMOVED]
Priority group 0
   id=0 ssid='3Com'
Initializing interface (2) 'eth0'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
ioctl[SIOCSIWPMKSA]: Invalid argument
SIOCGIWRANGE: WE(compiled)=22 WE(source)=15 enc_capa=0x0
  capabilities: key_mgmt 0x0 enc 0x3
WEXT: Operstate: linkmode=1, operstate=5
Own MAC address: 00:13:e0:9e:9b:2e
wpa_driver_wext_set_wpa
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_countermeasures
wpa_driver_wext_set_drop_unencrypted
Setting scan request: 0 sec 100000 usec
Added interface eth0
RTM_NEWLINK: operstate=0 ifi_flags=0x1002 ()
Wireless event: cmd=0x8b06 len=8
RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
RTM_NEWLINK, IFLA_IFNAME: Interface 'eth0' added
RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
RTM_NEWLINK, IFLA_IFNAME: Interface 'eth0' added
State: DISCONNECTED -> SCANNING
Starting AP scan (specific SSID)
Scan SSID - hexdump_ascii(len=4):
     33 43 6f 6d                                       3Com
Trying to get current scan results first without requesting a new scan
to speed up initial association
Received 792 bytes of scan results (9 BSSes)
Scan results: 9
Selecting BSS from priority group 0
Try to find WPA-enabled AP
0: 00:0f:cb:fe:2f:5f ssid='3Com' wpa_ie_len=24 rsn_ie_len=0 caps=0x11
   selected based on WPA IE
   selected WPA AP 00:0f:cb:fe:2f:5f ssid='3Com'
Try to find non-WPA AP
Trying to associate with 00:0f:cb:fe:2f:5f (SSID='3Com' freq=2412 MHz)
Cancelling scan request
WPA: clearing own WPA/RSN IE
Automatic auth_alg selection: 0x1
WPA: using IEEE 802.11i/D3.0
WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 1 proto 1
WPA: set AP WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2
02 01 00 00 50 f2 02 01 00 00 50 f2 01
WPA: clearing AP RSN IE
WPA: using GTK TKIP
WPA: using PTK TKIP
WPA: using KEY_MGMT 802.1X
WPA: Set own WPA IE default - hexdump(len=24): dd 16 00 50 f2 01 01 00
00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 01
No keys have been configured - skip key clearing
wpa_driver_wext_set_drop_unencrypted
State: SCANNING -> ASSOCIATING
wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
WEXT: Operstate: linkmode=-1, operstate=5
wpa_driver_wext_associate
ioctl[SIOCSIWFREQ]: Operation not supported
Association request to the driver failed
Setting authentication timeout: 5 sec 0 usec
EAPOL: External notification - portControl=Auto
RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
Wireless event: cmd=0x8b06 len=8
RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
Wireless event: cmd=0x8b15 len=20
Wireless event: new AP: 00:0f:cb:fe:2f:5f
State: ASSOCIATING -> ASSOCIATED
wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
WEXT: Operstate: linkmode=-1, operstate=5
Associated to a new BSS: BSSID=00:0f:cb:fe:2f:5f
No keys have been configured - skip key clearing
Associated with 00:0f:cb:fe:2f:5f
WPA: Association event - clear replay counter
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
Setting authentication timeout: 10 sec 0 usec
Cancelling scan request
RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
Wireless event: cmd=0x8b1a len=12
RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
RTM_NEWLINK, IFLA_IFNAME: Interface 'eth0' added
RX EAPOL from 00:0f:cb:fe:2f:5f
RX EAPOL - hexdump(len=9): 01 00 00 05 01 00 00 05 01
Setting authentication timeout: 70 sec 0 usec
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=0 method=1 vendor=0 vendorMethod=0
EAP: EAP entering state IDENTITY
CTRL-EVENT-EAP-STARTED EAP authentication started
EAP: EAP-Request Identity data - hexdump_ascii(len=0):
EAP: using real identity - hexdump_ascii(len=5):
     6a 62 69 62 65                                    jbibe
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=14): 01 00 00 0a 02 00 00 0a 01 6a 62 69 62 65
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:0f:cb:fe:2f:5f
RX EAPOL - hexdump(len=10): 01 00 00 06 01 01 00 06 0d 20
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=1 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state GET_METHOD
EAP: Initialize selected EAP method: vendor 0 method 13 (TLS)
TLS: Trusted root certificate(s) loaded
OpenSSL: tls_connection_client_cert - SSL_use_certificate_file (DER)
failed error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding
routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: pending error: error:140C800D:SSL
routines:SSL_use_certificate_file:ASN1 lib
OpenSSL: SSL_use_certificate_file (PEM) --> OK
OpenSSL: tls_connection_private_key - SSL_use_PrivateKey_File (DER)
failed error:140CB07C:SSL routines:SSL_use_PrivateKey_file:bad ssl
filetype
OpenSSL: SSL_use_PrivateKey_File (PEM) --> OK
SSL: Private key loaded successfully
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 13 (TLS) selected
EAP: EAP entering state METHOD
SSL: Received packet(len=6) - Flags 0x20
EAP-TLS: Start
SSL: (where=0x10 ret=0x1)
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:before/connect initialization
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 write client hello A
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3 read server hello A
SSL: SSL_connect - want more data
SSL: 102 bytes pending from ssl_out
SSL: 102 bytes left to be sent out (of total 102 bytes)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=112): 01 00 00 6c 02 01 00 6c 0d 00 16 03 01 00
61 01 00 00 5d 03 01 47 b1 77 4f 0f 5e 42 38 75 9c 4e 5b c8 9e b0 db
9a 7d 01 0c 29 b2 dd ff ad 1f f1 94 57 a0 9f 85 00 00 36 00 39 00 38
00 35 00 16 00 13 00 0a 00 33 00 32 00 2f 00 07 00 66 00 05 00 04 00
63 00 62 00 61 00 15 00 12 00 09 00 65 00 64 00 60 00 14 00 11 00 08
00 06 00 03 01 00
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:0f:cb:fe:2f:5f
RX EAPOL - hexdump(len=579): 01 00 02 3f 01 02 02 3f 0d 80 00 00 02 35 16 03
[I deleted big hex values printed here] 12 30 10 31 0e 30 0c 06 03 55
04 03 13 05 6a 62 69 62 65 0e 00 00 00
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=2 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=575) - Flags 0x80
SSL: TLS Message Length: 565
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 read server hello A
TLS: Certificate verification failed, error 18 (self signed
certificate) depth 0 for '/CN=jbibe'
SSL: (where=0x4008 ret=0x230)
SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3 read server certificate B
OpenSSL: tls_connection_handshake - SSL_connect error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
SSL: 7 bytes pending from ssl_out
SSL: Failed - tls_out available to report error
SSL: 7 bytes left to be sent out (of total 7 bytes)
EAP-TLS: TLS processing failed
EAP: method process -> ignore=FALSE methodState=DONE decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=17): 01 00 00 0d 02 02 00 0d 0d 00 15 03 01 00 02 02 30
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:0f:cb:fe:2f:5f
RX EAPOL - hexdump(len=8): 01 00 00 04 04 02 00 04
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Failure
EAP: EAP entering state FAILURE
CTRL-EVENT-EAP-FAILURE EAP authentication failed
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_BE entering state IDLE
EAPOL: startWhen --> 0
RX EAPOL from 00:0f:cb:fe:2f:5f
RX EAPOL - hexdump(len=9): 01 00 00 05 01 03 00 05 01
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
EAP: deinitialize previously used EAP method (13, TLS) at INITIALIZE
EAP: EAP entering state IDLE
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=3 method=1 vendor=0 vendorMethod=0
EAP: EAP entering state IDENTITY
CTRL-EVENT-EAP-STARTED EAP authentication started
EAP: EAP-Request Identity data - hexdump_ascii(len=0):
EAP: using real identity - hexdump_ascii(len=5):
     6a 62 69 62 65                                    jbibe
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=14): 01 00 00 0a 02 03 00 0a 01 6a 62 69 62 65
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:0f:cb:fe:2f:5f
RX EAPOL - hexdump(len=10): 01 00 00 06 01 04 00 06 0d 20
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=4 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state GET_METHOD
EAP: Initialize selected EAP method: vendor 0 method 13 (TLS)
TLS: Trusted root certificate(s) loaded
OpenSSL: tls_connection_client_cert - SSL_use_certificate_file (DER)
failed error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding
routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: pending error: error:140C800D:SSL
routines:SSL_use_certificate_file:ASN1 lib
OpenSSL: SSL_use_certificate_file (PEM) --> OK
OpenSSL: tls_connection_private_key - SSL_use_PrivateKey_File (DER)
failed error:140CB07C:SSL routines:SSL_use_PrivateKey_file:bad ssl
filetype
OpenSSL: SSL_use_PrivateKey_File (PEM) --> OK
SSL: Private key loaded successfully
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 13 (TLS) selected
EAP: EAP entering state METHOD
SSL: Received packet(len=6) - Flags 0x20
EAP-TLS: Start
SSL: (where=0x10 ret=0x1)
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:before/connect initialization
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 write client hello A
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3 read server hello A
SSL: SSL_connect - want more data
SSL: 102 bytes pending from ssl_out
SSL: 102 bytes left to be sent out (of total 102 bytes)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=112): 01 00 00 6c 02 04 00 6c 0d 00 16 03 01 00
61 01 00 00 5d 03 01 47 b1 77 6e 14 62 89 1b a1 02 2e 29 9b a4 6c 6e
07 09 15 2c 43 1f bf 4a 42 3b fe 91 b8 f4 8a 9b 00 00 36 00 39 00 38
00 35 00 16 00 13 00 0a 00 33 00 32 00 2f 00 07 00 66 00 05 00 04 00
63 00 62 00 61 00 15 00 12 00 09 00 65 00 64 00 60 00 14 00 11 00 08
00 06 00 03 01 00
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:0f:cb:fe:2f:5f
RX EAPOL - hexdump(len=579): 01 00 02 3f 01 05 02 3f 0d 80 00 00 02 35 16 03
[I deleted big hex values printed here]
00 12 30 10 31 0e 30 0c 06 03 55 04 03 13 05 6a 62 69 62 65 0e 00 00 00
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=5 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=575) - Flags 0x80
SSL: TLS Message Length: 565
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 read server hello A
TLS: Certificate verification failed, error 18 (self signed
certificate) depth 0 for '/CN=jbibe'
SSL: (where=0x4008 ret=0x230)
SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3 read server certificate B
OpenSSL: tls_connection_handshake - SSL_connect error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
SSL: 7 bytes pending from ssl_out
SSL: Failed - tls_out available to report error
SSL: 7 bytes left to be sent out (of total 7 bytes)
EAP-TLS: TLS processing failed
EAP: method process -> ignore=FALSE methodState=DONE decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=17): 01 00 00 0d 02 05 00 0d 0d 00 15 03 01 00 02 02 30
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:0f:cb:fe:2f:5f
RX EAPOL - hexdump(len=8): 01 00 00 04 04 05 00 04
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Failure
EAP: EAP entering state FAILURE
CTRL-EVENT-EAP-FAILURE EAP authentication failed
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_BE entering state IDLE

created client and server certificates with following parameters.
root.pem
------------------------------------------------------------------------------

Country Name (2 letter code) [AU]:.
State or Province Name (full name) [Some-State]:.
Locality Name (eg, city) []:.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:.
Organizational Unit Name (eg, section) []:.
Common Name (eg, YOUR name) []:jbibe
Email Address []:.



client certificates
--------------------------------------------------------------------------------
Country Name (2 letter code) [AU]:.
State or Province Name (full name) [Some-State]:.
Locality Name (eg, city) []:.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:.
Organizational Unit Name (eg, section) []:.
Common Name (eg, YOUR name) []:jbibe
Email Address []:.

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:whatever
An optional company name []:.
+ openssl ca -policy policy_anything -out newcert.pem -passin
pass:whatever -key whatever -extensions xpclient_ext -extfile
xpextensions -infiles newreq.pem
Using configuration from /usr/local/openssl/ssl/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
        Serial Number: 1 (0x1)
        Validity
            Not Before: Jan  8 07:27:16 2008 GMT
            Not After : Jan  7 07:27:16 2009 GMT
        Subject:
            commonName                = jbibe
        X509v3 extensions:
            X509v3 Extended Key Usage:
            TLS Web Client Authentication
Certificate is to be certified until Jan  7 07:27:16 2009 GMT (365 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated



server  certificate
--------------------------------------------------------------------------------------
Country Name (2 letter code) [AU]:.
State or Province Name (full name) [Some-State]:.
Locality Name (eg, city) []:.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:.
Organizational Unit Name (eg, section) []:.
Common Name (eg, YOUR name) []:jbibe
Email Address []:.

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:whatever
An optional company name []:.
+ openssl ca -policy policy_anything -out newcert.pem -passin
pass:whatever -key whatever -extensions xpserver_ext -extfile
xpextensions -infiles newreq.pem
Using configuration from /usr/local/openssl/ssl/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
        Serial Number: 2 (0x2)
        Validity
            Not Before: Jan  8 07:33:52 2008 GMT
            Not After : Jan  7 07:33:52 2009 GMT
        Subject:
            commonName                = jbibe
        X509v3 extensions:
            X509v3 Extended Key Usage:
            TLS Web Server Authentication
Certificate is to be certified until Jan  7 07:33:52 2009 GMT (365 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated


Radius server is displaying
tlsv1 unknown CA error.

Regards & Thanks
Raghavendra. S



More information about the Hostap mailing list