wpa_supplicant using EAP-TTLS problem

Bryan Kadzban bryan at kadzban.is-a-geek.net
Thu Nov 8 07:02:49 EST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

王奕元 wrote:
> Forth,
> I copied the RADIUS Server's certs/demoCA/cacert.pem, and placed
> it in my host's /etc/certs

This is probably the easiest method to achieve what you need.  The only
issue with it is:

> TLS: Certificate verification failed, error 10 (certificate has
> expired)

that the cert that you were trying to use has expired (the current time
is later than the "notAfter" time on the cert).  If it actually has
expired, then you'll need to generate a new one (on your RADIUS server)
and copy it over to the client.  If it hasn't actually expired, then
you'll need to ensure the clock on the client is set correctly.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHMvroS5vET1Wea5wRA2mNAKDhvfSCQ/9B8TTT8fodvGMVa5ZckQCg4nKA
kDz25q5Y6bx4frtp9bVHpvE=
=wNaB
-----END PGP SIGNATURE-----



More information about the HostAP mailing list