1 Jul
2015
1 Jul
'15
5:43 p.m.
Hi Jorge, I attempted to upgrade to V3.0.8 however i’m getting this message checking for DH_new in -lcrypto... no checking for DH_new in -lcrypto in /usr/local/lib... no checking for DH_new in -lcrypto in /opt/lib... no configure: error: in `/home/freeradius-server-3.0.8': configure: error: failed linking to libcrypto. Use --with-openssl-lib-dir=<path>, or --with-openssl=no (builds without OpenSSL) See `config.log' for more details Checking the user/lib64 I have [root@freeradius lib64]# pwd /usr/lib64 [root@freeradius lib64]# ls libcry* libcrypt-2.17.so libcrypto.so.10 libcrypto.so.1.0.1e libcryptsetup.so.4 libcryptsetup.so.4.6.0 libcrypt.so libcrypt.so.1 [root@freeradius lib64]# So I tried [root@freeradius freeradius-server-3.0.8]# ./configure --with-openssl-lib-dir=/usr/lib64 And I got these results checking for DH_new in -lcrypto in /usr/lib64... no checking for DH_new in -lcrypto... no checking for DH_new in -lcrypto in /usr/local/lib... no checking for DH_new in -lcrypto in /opt/lib... no configure: error: in `/home/freeradius-server-3.0.8': configure: error: failed linking to libcrypto. Use --with-openssl-lib-dir=<path>, or --with-openssl=no (builds without OpenSSL) See `config.log' for more details Perhaps i’m misunderstanding the error message > On Jul 1, 2015, at 3:12 PM, Jorge Pereira <jpereiran@gmail.com> wrote: > > Please, > > try the 3.0.8 or build from the HEAD > > -- > Jorge Pereira > > On Wed, Jul 1, 2015 at 5:58 PM, Kris Armstrong <kris.armstrong@me.com> > wrote: > >> Hi, >> >> I have migrated my root CA and free radius configs from FreeRadius 2.x to >> 3.0.4 on CentOS7. I’m receiving the following messages when attempting to >> authenticate the client with EAP/TLS. PEAP/MSCHPv2 works perfect. >> >> I have tried to recreate the ROOT CA and Client cert but that produces the >> same error message. I’m not sure where to go from here. >> >> (6) eap_tls : <<< TLS 1.0 Handshake [length 03d4], Certificate >> --> verify error:num=20:unable to get local issuer certificate >> (6) ERROR: eap_tls : SSL says error 20 : unable to get local issuer >> certificate >> (6) eap_tls : >>> TLS 1.0 Alert [length 0002], fatal unknown_ca >> (6) ERROR: eap_tls : TLS Alert write:fatal:unknown CA >> tls: TLS_accept: Error in SSLv3 read client certificate B >> (6) ERROR: eap_tls : SSL says: error:140890B2:SSL >> routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned >> SSL: SSL_read failed in a system call (-1), TLS session fails. >> TLS receive handshake failed during operation >> (6) eap_tls : eaptls_process returned 4 >> (6) ERROR: eap : Failed continuing EAP TLS (13) session. EAP sub-module >> failed >> (6) eap : Failed in EAP select >> (6) [eap] = invalid >> (6) } # authenticate = invalid >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html