[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: Certificate chain untrusted
From:       Alan DeKok <aland () deployingradius ! com>
Date:       2023-07-31 14:34:01
Message-ID: FFEBC7F8-4D7E-4064-A5B5-BE3B530EBA49 () deployingradius ! com
[Download RAW message or body]

On Jul 31, 2023, at 2:30 AM, Maciej Kowalka <maciejkowalkati@gmail.com> wrote:
> 
> Hi, I've got configures freeradius 3.2 with eap tls, and working
> certificates, users can be authorized to network but I get warnings every
> time :

  If it works...

> Certificate chain - 1 cert(s) untrusted
> 
> (TLS) untrusted certificate with depth [1] subject name
> /C=PL/ST=MyState/O=MyOrg/CN=Intermediate CA
> 
> (TLS) untrusted certificate with depth [0] subject name
> /C=PL/ST=MyState/O=MyOrg/CN=client
> 
> Is there solution to this or so I have to ignore it, and live with it?

  Configure the server so that it knows about the certificates.  That way they will be trusted.

  See mods-available/eap.  Look for "reject_unknown_intermediate_ca"

  Alan DeKok.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]