CRL signature failure

To: freeradius-users@lists.freeradius.org
Subject: CRL signature failure
From: lowbassman@gmail.com
Date: Wed, 19 Mar 2008 16:24:55 -0700
Reply-to: FreeRadius users mailing list <freeradius-users@lists.freeradius.org>

I have a cronjob that pulls down a CRL, runs openssl to verify it's OK, and then stops radius, copies the crl into place, and then starts radius.

Occasionally, around two or three times a month, I get the following errors and no one can auth to radius until the next run of the cronjob when the CRL is again pulled down.

Wed Mar 19 15:01:00 2008 : Error: --> verify error:num=8:CRL signature failure
Wed Mar 19 15:01:00 2008 : Error: TLS Alert write:fatal:decrypt error
Wed Mar 19 15:01:00 2008 : Error: TLS_accept:error in SSLv3 read client certificate B
Wed Mar 19 15:01:00 2008 : Error: rlm_eap: SSL error error:04077068:rsa routines:RSA_verify:bad signature
Wed Mar 19 15:01:00 2008 : Error: rlm_eap_tls: SSL_read failed inside of TLS (-1), TLS session fails.

Any ideas what might be causing this or how I might determine the cause?
Thanks,
~Matt

Previous by Date: RE: Error EAP
Next by Date: Re: Wifi with Welcome message?
Previous by Thread: Re: Control Items. Make TTLS Require a client cert
Next by Thread: Dead Proxy Detection?
Freeradius-Users March 2008 archives indexes sorted by: [ thread ] [ subject ] [ author ] [ date ]
Freeradius-Users list archive Table of Contents
More information about the Freeradius-Users mailing list

This archive was generated by a fusion of Pipermail (Mailman edition) and MHonArc.