On Jul 25, 2019, at 7:21 PM, peter <peterthesing@gmail.com> wrote:
With ssh-keygen I have created -with password- server.pem and ca.pem.
Why? The process for creating certificates is documented, and works. $ cd raddb/certs $ make Edit the "cnf" files if you need to have custom fields for the certificates. Then, "make" again.
Moved them to /etc/raddb/certs.
but now I've got the following errors:
tls: Failed reading certificate file "/etc/raddb/certs/server.pem"
tls: error:0906D06C:PEM routines:PEM_read_bio:no start line tls: error:140DC009:SSL routines:use_certificate_chain_file:PEM lib rlm_eap_tls: Failed initializing SSL context rlm_eap (EAP): Failed to initialise rlm_eap_tls /etc/raddb/mods-enabled/eap[14]: Instantiation failed for module "eap"
The certificate that was created isn't in the correct format.
Please bear in mind I am new here and this is the first time I going to use freeradius. A little patience is highly appreciated.
What is recommended to solve this problem?
Follow the documentation. Don't use random third-party tools to create certificates in some random format. Alan DeKok.