Version 3.0.4 Centos 7 EAP-TLS : EAP failure

John Teasley ollieteasley at gmail.com
Sun Feb 7 19:17:44 CET 2016 

Thanks again Alan. Looks like I had a ton of typos in the test config. Wow.
Sorry I wasted your time with this one. Must have been staring at it to
long or something. Thanks again. I guess now I can read up setting up a
better way to manage all the certs!


NEW RESULTS :

EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Success
EAP: Status notification: completion (param=success)
EAP: EAP entering state SUCCESS
CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
EAPOL: SUPP_PAE entering state AUTHENTICATED
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state SUCCESS
EAPOL: SUPP_BE entering state IDLE
eapol_sm_cb: success=1
EAPOL: Successfully fetched key (len=32)
PMK from EAPOL - hexdump(len=32): d8 6e 87 d3 3c 12 2e b8 83 21 72 3b cd c0
ae c2 8a 9a 4a 6c 28 62 2d 25 f4 22 b2 2c 3e c3 18 92
EAP: deinitialize previously used EAP method (13, TLS) at EAP deinit
ENGINE: engine deinit
MPPE keys OK: 2  mismatch: 0
SUCCESS


Ollie Teasley
Linux Administrator
ISMELL.SHOES, LLC


On Sat, Feb 6, 2016 at 9:53 PM, Alan DeKok <aland at deployingradius.com>
wrote:

> On Feb 6, 2016, at 9:22 PM, John Teasley <ollieteasley at gmail.com> wrote:
> > Thanks for the reply Alan! Made all the changes you indicated. However, I
> > am still having issues. Also, is it required to run a proxy if I only use
> > the radius host? This is just for a small home lab. Please see below
> > results. I really appreciate the help.
>
>   It's what I do, despite what some people think. :)
>
> > Also, while I can build from source,
> > would doing so fix this? It seems more like something I have done wrong.
> A
> > rebuild would just reflect the same misconfigurations if that is what the
> > issue is.
>
>   Again, a careful reading of the output is useful:
>
>   From eapol_test:
>
> > OpenSSL: tls_connection_ca_cert - Failed to load root certificates
> > error:02001002:system library:fopen:No such file or directory
> > OpenSSL: pending error: error:2006D080:BIO routines:BIO_new_file:no such
> > file
> > OpenSSL: pending error: error:0B084002:x509 certificate
> > routines:X509_load_cert_crl_file:system lib
> > OpenSSL: tls_load_ca_der - Failed load CA in DER format
> > error:02001002:system library:fopen:No such file or directory
> > OpenSSL: pending error: error:20074002:BIO routines:FILE_CTRL:system lib
>
>   You need to be sure that the certificate exists.  Check the path in the
> eapol_test configuration file.
>
>   Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>

More information about the Freeradius-Users mailing list