Всем привет! Хочу настроить PEAP для WIFI точки через RADIUS. Пробую авторизоваться ругается что плохой сертификат. Пробовал как сертификаты которые идёт с сервером так и собственного CA.
rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake rlm_eap_tls: <<< TLS 1.0 Alert [length 0002], fatal bad_certificate TLS Alert read:fatal:bad certificate TLS_accept:failed in SSLv3 read client certificate A rlm_eap: SSL error error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate rlm_eap_tls: SSL_read failed inside of TLS (-1), TLS session fails. eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns reject for request 6 modcall: leaving group authenticate (returns reject) for request 6 auth: Failed to validate the user.
#Config eap.conf
eap { default_eap_type = peap
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
md5 { } leap { } gtc {
auth_type = PAP } tls {
private_key_file = ${raddbdir}//server.key
certificate_file = ${raddbdir}//server.pem
CA_file = ${raddbdir}//cert.pem
dh_file = ${raddbdir}//server.dh random_file = ${raddbdir}//random
} peap { default_eap_type = mschapv2
} mschapv2 { }}
