OpenSSL problem with xsupplicant

Shane Stixrud shane at geeklords.org
Sat Aug 6 18:18:05 UTC 2005


I am attempting to use xsupplicant to connect my Fedora 4 laptop to an Open /
static WEP / EAP-TLS enabled Cisco wireless network with a Cisco ACS RADIUS
server and a Microsoft CA. Everything works fine if I just use WEP and
avoid EAP-TLS.

I have installed the latest madwifi RPMs and xsupplicant-1.0.1-1 from
ATrpms.  I can connect to the network with just static WEP (no EAP-TLS).

My xsupplicant configuration files seem to be correct, however my
authentication requests fail during an OpenSSL handshake to my RADIUS
server with the following error:

[AUTH TYPE]      --- SSL_verify : depth 1
[AUTH TYPE]      --- SSL_verify error : num=19:self signed certificate in certificate chain:depth=1:/DC=org/DC=vmmc/DC=vmad/CN=vmad1
[AUTH TYPE]      --- SSL : SSLv3 read server certificate B
[AUTH TYPE]      --- ALERT : unknown CA
[AUTH TYPE]      --- SSL : SSLv3 read server certificate B
OpenSSL Error -- error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Failure!

This seems to be a common error for many programs that use OpenSSL.
I attempted to solve this by adding our Microsoft cert to
/etc/pki/tls/certs as a hash.  This change did allow openssl verify to
confirm the certificate without error but did not appear to have any
effect on xsupplicant.

I would think the above change would behave similarly to adding our
Microsoft CA to our Windows XP clients' "Trusted root certificate
authorities" list, but it does not appear so.

Any suggestions would be most welcome.

Cheers,
Shane
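
Added example, not part of the original post: a shell sketch that reproduces verify error 19 at depth 1 with a throwaway CA, then installs the root as a hashed file and verifies again. The CA, the server name and all paths are constructed, and the empty directory only stands in for any trust store that lacks the root; how xsupplicant chooses its store is not shown here.

```shell
#!/bin/sh
# Constructed throwaway PKI: every subject name and path below is made up.
make_demo_pki() {    # $1 = working directory
    mkdir -p "$1/empty" "$1/hashed" &&
    openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=Demo Root CA" \
        -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null &&
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=radius.example.test" \
        -keyout "$1/srv.key" -out "$1/srv.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/srv.csr" -CA "$1/ca.pem" -CAkey "$1/ca.key" \
        -CAcreateserial -days 2 -out "$1/srv.pem" 2>/dev/null
}

# Install a CA the way OpenSSL's directory lookup expects: <subject-hash>.0
install_hashed() {   # $1 = CA certificate, $2 = CApath directory
    h=$(openssl x509 -hash -noout -in "$1") || return 1
    cp "$1" "$2/$h.0"
}

# Verify the server certificate against one CApath. The peer also sends its
# root (-untrusted), so an untrusted root is reported as error 19 at depth 1.
verify_against() {   # $1 = CApath directory, $2 = working directory
    out=$(openssl verify -CApath "$1" -untrusted "$2/ca.pem" "$2/srv.pem" 2>&1) || true
    case $out in
        *"error 19 at 1 depth"*) echo "error 19" ;;
        *": OK"*)                echo "OK" ;;
        *)                       echo "other: $out" ;;
    esac
}

d=$(mktemp -d) && make_demo_pki "$d" || exit 1
echo "store without the root: $(verify_against "$d/empty" "$d")"
install_hashed "$d/ca.pem" "$d/hashed" || exit 1
echo "store with hashed root: $(verify_against "$d/hashed" "$d")"
rm -rf "$d"
```

The hashed file changes the result only for a verifier that is pointed at that directory; the same certificate still fails against the directory without it.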



