03-26-2018 03:08 AM
I have a problem setting up PEAP for my wireless network. I already had a fine working setup with PEAP and Radius-Auth (MS-NPS) before and now just wanted to change the certificate (securelogin.arubanetworks.com) which was published to the clients while authentication. I generated a new csr (securelogin.mydomain.com) and signed it by my ca in my ad. After i imported the ca and the cert via the IAP-GUI, i cannot authenticate to the wireless-network anymore (auth-error).
I've got the following error displayed in the IAP-GUI: "radius server connection failure". Ironically i cannot see any radius-connection if i dump the traffic.
How can i get the radius-connection to work again? How is it possible that the radius-connection is not working anymore? As i already said, i didn't change any settings except the certificate.
Solved! Go to Solution.
03-28-2018 06:21 AM
Problem solved. The imported CA and cert were valid from march 2018. The time on my aruba ap was in 1970 because the ntp-server could not be reached. For this reason the cert was "not valid yet".
radiusd: rlm_eap: Failed to initialize type tls radiusd: rlm_eap_tls: Error reading Trusted root CA list /aruba/radius/certs/ca.pem radiusd-term: rlm_eap_tls: Error reading Trusted root CA list /aruba/radius/certs/ca.pem radiusd: rlm_eap: SSL error ASN date error, current date before radiusd-term: rlm_eap: SSL error ASN date error, current date before