Android13 FreeRadius EAP-PEAP+CA认证失败

查看 25|回复 0
作者:Vicr   
freeradius配置了EAP-PEAP+CA认证的,用eapol_test能过,使用Android 11的设备也能正常连接,但是使用Android 13的设备就不行了,log中显示是authenticate error:0A000438:SSL routines::tlsv1 alert internal error,但找不到具体原因。有用过freeradius的mjj吗?
还有android安装证书只能是安装为WLAN吗?安装成CA就无法连接了,报Unknown CA。
network={
        ssid="example"
        key_mgmt=WPA-EAP
        eap=PEAP
        identity="openWrt"
        anonymous_identity="anonymous"
        password="abcd1234"
        phase2="autheap=MSCHAPV2"
          ca_cert="/home/eapol_test/certs/openwrt-ca.pem"
}
(17)   authenticate {
(17) eap: Expiring EAP session with state 0xee6f7314eacc6ab5
(17) eap: Finished EAP session with state 0xee6f7314eacc6ab5
(17) eap: Previous EAP request found for state 0xee6f7314eacc6ab5, released from the list
(17) eap: Peer sent packet with method EAP PEAP (25)
(17) eap: Calling submodule eap_peap to process data
(17) eap_peap: Continuing EAP-TLS
(17) eap_peap: Peer indicated complete TLS record size will be 7 bytes
(17) eap_peap: Got complete TLS record (7 bytes)
(17) eap_peap: [eaptls verify] = length included
(17) eap_peap: <<< recv TLS 1.2  [length 0005]
(17) eap_peap: <<< recv TLS 1.2  [length 0002]
(17) eap_peap: ERROR: TLS Alert read:fatal:internal error
(17) eap_peap: TLS_accept: Need to read more data: error
(17) eap_peap: ERROR: Failed in __FUNCTION__ (SSL_read): error:0A000438:SSL routines::tlsv1 alert internal error
(17) eap_peap: TLS - In Handshake Phase
(17) eap_peap: TLS - Application data.
(17) eap_peap: ERROR: TLS failed during operation
(17) eap_peap: ERROR: [eaptls process] = fail
(17) eap: ERROR: Failed continuing EAP PEAP (25) session.  EAP sub-module failed
(17) eap: Sending EAP Failure (code 4) ID 163 length 4
(17) eap: Failed in EAP select
(17)     [eap] = invalid
(17)   } # authenticate = invalid

设备, 找不到, 也能

您需要登录后才可以回帖 登录 | 立即注册

返回顶部