hostapd + freeradius: unknown ca error
Svein Olav Bjerkeset
svein.olav
Sun Jan 12 07:37:36 PST 2014
Hi,
I am trying to set up hostapd with freeradius to be able to authenticate
wifi-users against a kerberos-repository. The radius/kerberos integration
seems to work since radtest succeeds using a kerberos-user.
However when hostapd contacts the radius server, it uses EAP-TLS, and after
some traffic back and forth, hostapd sends a fatal error back to the radius
server stating that the CA is unknown. I have tried to use the ca_cert
option in hostapd.conf and point it to the radius CA, but it did not resolve
the problem. I suspect this option is only used for the internal EAP server
of hostapd (which I do not use).
An strace of open and stat system calls for the hostpad process seems to
show that it does not try to open any file which are SSL-releated.
How can I tell hostapd which CAs to trust when using an external radius
server?
Best reagrds,
Svein Olav Bjerkeset
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.shmoo.com/pipermail/hostap/attachments/20140112/b0602674/attachment.htm>
More information about the Hostap
mailing list