HP-UX AAA Server A.07.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

361

362

363

364

365

366

367

368

369

370

Table 28-6 EAP Problems (continued)

TroubleshootingProblem

ProcessHandshake TLS: AAA Server generated TLS alert:

'certificate_revoked'. The certificates used for validation

have been revoked by the CA

Log MessageUnable to authenticate

The client or supplicant certificate has been revoked.Cause

Advise the user to acquire a new certificate from the

administrator or ISP, and retry authentication.

Solution

VerifyIdentity: Field <Field> in the user certificate did not

match the User-Id '<user-Id>' in the request.

Log Message

The User Name configured in the certificate does not

match the User Name specified in the request.

Cause

Verify the Client User Name Attribute configured in the

Certificates screen under Server Properties in the Server

Manager.

Solution

This value identifies the attribute in the digital certificate

used to retrieve the user name. The user name in the user

certificate attribute value must match a valid EAP-TLS

user profile.

For example, if the the Client User Name Attribute is

configured as Subject EmailAddress and the

corresponding attribute value in the certificate is

test@example.com. Then, example.com must be a

valid EAP-TLS realm with test as a valid user.

If you have modified the configuration, save the

configuration to the HP-UX AAA Server and restart it.

<EAP type> <field> missing or invalid. Verify <entry> in

Server Properties > Certificate Properties in the Server

Manager and that the file contains a valid <entry>

Log MessageUnable to authenticate

The Certificate Properties configured on the HP-UX AAA

Server are invalid.

Cause

Navigate to the Certificates screen under Server Properties

of the Server Manager. Specify a fully qualified filename

for each of the following:

Solution

• Server Certificate Path

• Server Private Key Path

• Client Certificate Authority Path

• Random Seed Path

For more information, see Chapter 13, Securing LAN

Access with EAP on page 181.

If you have modified the configuration, save the

configuration to the HP-UX AAA Server and restart it.

362 Troubleshooting Procedures