When I start it for the first time, it builds all of the 'fake' certs okay and runs properly.
(I am not sure if this would be an OpenSSL error or FreeRADIUS error. What would you think the best way to troubleshoot this would be? Or do you have any helpful hints?)
However, when I attempt to build real certs, I see the following:
snip - tot he bit of config that concerns me
pem_file_type = yes private_key_file = "/usr/local/etc/raddb/certs/server.pem" certificate_file = "/usr/local/etc/raddb/certs/server.pem"
snip to the error
rlm_eap: SSL error error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt rlm_eap_tls: Error reading private key file /usr/local/etc/raddb/certs/server.pem rlm_eap: Failed to initialize type tls
You haven't created server certificate using one password and then entered differnt one in eap.conf? Check tha the password in .cnf file is the same as the one in eap.conf. Ivan Kalik Kalik Informatika ISP