How to run CA.all script to generate EAP-TLS certifiate

ann lee ann_ysshi at yahoo.com.cn
Tue Sep 27 05:38:38 CEST 2005 

Hi,all:
  I am new to freeradius world. I am trying to setup EAP-TLS using freeradius server. Would you pls tell me which cisco access point is preferred for the EAP-TLS setup?
 
I have installed openssl-0.9.8 and freeradius-1.0.5 on Redhat 9.0.  I tried several times to generate certificate by runing CA.all script which was downloaded from www.missl.cs.umd.edu/wireless/eaptls. But each time I met same issue and failed to generate the certificates.  I just typed "./CA.all" to run the script, is there any optional parameters need I input ?  (I did not update the file /usr/local/openssl/ssl/openssl.cnf and CA.all) 
 
 the following is part of the error log:
 
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:whatever
An optional company name []:radius
Using configuration from /usr/local/openssl/ssl/openssl.cnf
Enter pass phrase for ./demoCA/private/cakey.pem: (I entered "whatever" for pass phrase, right? I don't know what is the pass phrase?)
./demoCA/serial: No such file or directory (I think this file ./demoCA/serial will be created automatically when running the CA.all, right?)

error while loading serial number
4427:error:02001002:system library:fopen:No such file or directory:bss_file.c:349:fopen('./demoCA/serial','r')
4427:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:351:
No certificate matches private key
4429:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:150:
unable to load certificate
4430:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:644:Expecting: TRUSTED CERTIFICATE
 
Enclosed is the complete log of runing the script CA.all.  I am not clear the root cause. Your help is very appreciated.  had better provide me a successful log of running the CA.all. I don't know which information I should input when runing the CA.all.
 
Thanks a lot
ann




		
---------------------------------
 雅虎免费G邮箱-中国第一绝无垃圾邮件骚扰超大邮箱
 雅虎助手-搜索、杀毒、防骚扰  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20050927/5ee8fce0/attachment.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: run_log
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20050927/5ee8fce0/attachment.ksh>

More information about the Freeradius-Users mailing list