Server stopped responding, throwing multiple SSL-related errors
King, Michael
MKing at bridgew.edu
Mon Oct 23 20:33:09 CEST 2006
Sounds very similar to my thread titled SSL_read failed in a system call
from last week.
-----Original Message-----
From: freeradius-users-bounces+mking=bridgew.edu at lists.freeradius.org
[mailto:freeradius-users-bounces+mking=bridgew.edu at lists.freeradius.org]
On Behalf Of Ben Beuchler
Sent: Monday, October 23, 2006 2:06 PM
To: FreeRadius users mailing list
Subject: Server stopped responding, throwing multiple SSL-related errors
I'm running FreeRADIUS 1.1.2 on Ubuntu. This morning one of the two
servers stopped answering requests. The radius log contained
thousands of lines like these:
Mon Oct 23 12:32:56 2006 : Error: TLS Alert write:fatal:illegal
parameter
Mon Oct 23 12:32:56 2006 : Error: TLS_accept:error in SSLv3 read
certificate verify A
Mon Oct 23 12:32:56 2006 : Error: rlm_eap: SSL error
error:1408E098:SSL routines:SSL3_GET_MESSAGE:excessive message size
Mon Oct 23 12:32:56 2006 : Error: rlm_eap_tls: SSL_read failed in a
system call (-1), TLS session fails.
Mon Oct 23 12:33:02 2006 : Error: TLS_accept:error in SSLv3 read
client certificate A
Mon Oct 23 12:33:02 2006 : Error: rlm_eap: SSL error
error:00000000:lib(0):func(0):reason(0)
Mon Oct 23 12:33:02 2006 : Error: TLS Alert write:fatal:bad record mac
Mon Oct 23 12:33:02 2006 : Error: TLS_accept:error in SSLv3 read
certificate verify A
Mon Oct 23 12:33:02 2006 : Error: rlm_eap: SSL error
error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or bad
record mac
Mon Oct 23 12:33:02 2006 : Error: rlm_eap_tls: SSL_read failed in a
system call (-1), TLS session fails.
Mon Oct 23 12:33:02 2006 : Error: TLS Alert write:fatal:illegal
parameter
Mon Oct 23 12:33:02 2006 : Error: TLS_accept:error in SSLv3 read
certificate verify A
Mon Oct 23 12:33:02 2006 : Error: rlm_eap: SSL error
error:1408E098:SSL routines:SSL3_GET_MESSAGE:excessive message size
Mon Oct 23 12:33:02 2006 : Error: rlm_eap_tls: SSL_read failed in a
system call (-1), TLS session fails.
Mon Oct 23 12:33:16 2006 : Error: TLS_accept:error in SSLv3 read
client certificate A
Restarting radiusd fixed it.
My build of FreeRADIUS was built from source, the SSL library is the
Ubuntu system openssl (v. 0.9.7).
Any idea what might have gone wrong?
-Ben
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list