​Hi Stefan,

Thanks for your advice, it's works now.


thanks
alf​


On Wed, Jun 18, 2014 at 4:19 PM, Stefan Paetow <Stefan.Paetow@ja.net> wrote:
> the result of freeradius -X is
> Refusing to start with libssl version OpenSSL 1.0.1 14
> Mar 2012 (in range 1.0.1 - 1.0.1f). Security advisory CVE-2014-0160 (Heartbleed)
>
> how can I change the libssl then? what's the command?

Hi, you don’t need to change libssl. The above is a safety measure introduced after Heartbleed.

What you *do* need to do is modify radiusd.conf and change the "allow_vulnerable_openssl" setting to "yes", since this is a Debian system and the Debian maintainers chose to patch their OpenSSL package instead of moving to the fixed version (1.0.1g).

Stefan


Janet(UK) is a trading name of Jisc Collections and Janet Limited, a
not-for-profit company which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238