Decoupled accounting
Devinder Singh
devinbhullar at gmail.com
Mon Aug 3 08:44:05 CEST 2009
ok i set the password to devin123
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
pem_file_type = yes
private_key_file = "/etc/raddb/certs/server.pem"
certificate_file = "/etc/raddb/certs/server.pem"
CA_file = "/etc/raddb/certs/ca.pem"
private_key_password = "devin123"
dh_file = "/etc/raddb/certs/dh"
random_file = "/etc/raddb/certs/random"
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
make_cert_command = "/etc/raddb/certs/bootstrap"
cache {
enable = no
lifetime = 24
max_entries = 255
}
}
rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
rlm_eap_tls: Error loading randomness
rlm_eap: Failed to initialize type tls
/etc/raddb/eap.conf[17]: Instantiation failed for module "eap"
/etc/raddb/sites-enabled/inner-tunnel[223]: Failed to find module "eap".
/etc/raddb/sites-enabled/inner-tunnel[176]: Errors parsing authenticate section.
}
}
Errors initializing modules
2009/8/3 Devinder Singh <devinbhullar at gmail.com>:
> Hi Ivan
>
> I did this
>
> chown root:radiusd /etc/raddb/certs/server.pem
> chown root:radiusd /etc/raddb/certs/ca.pem
>
> and then i got the error
>
> Module: Instantiating eap-tls
> tls {
> rsa_key_exchange = no
> dh_key_exchange = yes
> rsa_key_length = 512
> dh_key_length = 512
> verify_depth = 0
> pem_file_type = yes
> private_key_file = "/etc/raddb/certs/server.pem"
> certificate_file = "/etc/raddb/certs/server.pem"
> CA_file = "/etc/raddb/certs/ca.pem"
> private_key_password = "whatever"
> dh_file = "/etc/raddb/certs/dh"
> random_file = "/etc/raddb/certs/random"
> fragment_size = 1024
> include_length = yes
> check_crl = no
> cipher_list = "DEFAULT"
> make_cert_command = "/etc/raddb/certs/bootstrap"
> cache {
> enable = no
> lifetime = 24
> max_entries = 255
> }
> }
> rlm_eap: SSL error error:06065064:digital envelope
> routines:EVP_DecryptFinal_ex:bad decrypt
> rlm_eap_tls: Error reading private key file /etc/raddb/certs/server.pem
> rlm_eap: Failed to initialize type tls
> /etc/raddb/eap.conf[17]: Instantiation failed for module "eap"
> /etc/raddb/sites-enabled/inner-tunnel[223]: Failed to find module "eap".
> /etc/raddb/sites-enabled/inner-tunnel[176]: Errors parsing authenticate section.
> }
> }
> Errors initializing modules
>
>
>
>
>
> 2009/8/3 Devinder Singh <devinbhullar at gmail.com>:
>> Hi Ivan,
>> these are the files in the /cert directory after i had ran the
>> instruction in RREADME
>>
>> Could you let me know how to fix the errors
>>
>> Thanks
>>
>>
>> linux-h9qt:/etc/raddb/certs # ls
>> 01.pem ca.cnf client.cnf client.p12 index.txt
>> Makefile serial.old server.key
>> 02.pem ca.der client.crt client.pem
>> index.txt.attr random server.cnf server.p12
>> 03.pem ca.key client.csr devinder at palettemm.com.pem
>> index.txt.attr.old README server.crt server.pem
>> bootstrap ca.pem client.key dh
>> index.txt.old serial server.csr xpextensions
>>
>>
>> 2009/8/3 Devinder Singh <devinbhullar at gmail.com>:
>>> Hi Ivan.
>>>
>>> Ok i have reformetated my machine and installed Radius 2.1.1 from Yast
>>> Open Suse 11.
>>>
>>> I followed the instructions in /etc/raddb/certs/README
>>>
>>>
>>> Module: Linked to sub-module rlm_eap_tls
>>> Module: Instantiating eap-tls
>>> tls {
>>> rsa_key_exchange = no
>>> dh_key_exchange = yes
>>> rsa_key_length = 512
>>> dh_key_length = 512
>>> verify_depth = 0
>>> pem_file_type = yes
>>> private_key_file = "/etc/raddb/certs/server.pem"
>>> certificate_file = "/etc/raddb/certs/server.pem"
>>> CA_file = "/etc/raddb/certs/ca.pem"
>>> private_key_password = "whatever"
>>> dh_file = "/etc/raddb/certs/dh"
>>> random_file = "/etc/raddb/certs/random"
>>> fragment_size = 1024
>>> include_length = yes
>>> check_crl = no
>>> cipher_list = "DEFAULT"
>>> make_cert_command = "/etc/raddb/certs/bootstrap"
>>> cache {
>>> enable = no
>>> lifetime = 24
>>> max_entries = 255
>>> }
>>> }
>>> rlm_eap: SSL error error:0200100D:system library:fopen:Permission
>>> denied
>>> rlm_eap_tls: Error reading certificate file
>>> /etc/raddb/certs/server.pem
>>> rlm_eap: Failed to initialize type tls
>>> /etc/raddb/eap.conf[17]: Instantiation failed for module "eap"
>>> /etc/raddb/sites-enabled/inner-tunnel[223]: Failed to find module
>>> "eap".
>>> /etc/raddb/sites-enabled/inner-tunnel[176]: Errors parsing
>>> authenticate section.
>>> }
>>> }
>>> Errors initializing modules
>>>
>>> 2009/8/1 Ivan Kalik <tnt at kalik.net>:
>>>>> I refeer only to version 1.0.4 for the serial file as its not there in
>>>>> /etc/raddb/certs/demoCA so i get the serial file from version 1.0.4
>>>>>
>>>>> But i still get the errror message Bad Encrypt.
>>>>>
>>>>> What shoud i do next.
>>>>
>>>> How about following the instructions in raddb/certs/README file?
>>>>
>>>> Ivan Kalik
>>>> Kalik Informatika ISP
>>>>
>>>>
>>>
>>>
>>>
>>> --
>>> Devinder
>>>
>>
>>
>>
>> --
>> Devinder
>>
>
>
>
> --
> Devinder
>
--
Devinder
More information about the Freeradius-Users
mailing list