Problem configuration eap-tls
listas
mailistas at gmail.com
Fri Sep 22 01:28:56 CEST 2006
> Hi,
>
> > rlm_eap_tls: Loading the certificate file as a chain
> > rlm_eap: SSL error error:02001002:system library:fopen:No such file or directory
> > rlm_eap_tls: Error reading Trusted root CA list
> > rlm_eap: Failed to initialize type tls
>
> it cant load the certificate file. please post your eap.conf
>
> alan
This is my eap.conf, I have omited some comments
eap {
default_eap_type = tls
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
md5 {
}
leap {
}
gtc {
#challenge = "Password: "
auth_type = PAP
}
tls {
private_key_password = ****** # have I to put the server pass phrase here?
private_key_file = ${raddbdir}/certs/server_keycert.pem
certificate_file = ${raddbdir}/certs/server_keycert.pem
# Trusted Root CA list
CA_file = ${raddbdir}/certs/demoCA/cacert.pem
dh_file = ${raddbdir}/certs/dh
random_file = ${raddbdir}/certs/random
fragment_size = 1024
include_length = yes
# check_crl = yes
# check_cert_issuer = "/C=GB/ST=Berkshire/L=Newbury/O=My Company Ltd"
# check_cert_cn = %{User-Name}
# cipher_list = "DEFAULT"
}
#ttls {
# default_eap_type = md5
# copy_request_to_tunnel = no
# use_tunneled_reply = no
#}
peap {
default_eap_type = mschapv2
# copy_request_to_tunnel = no
# use_tunneled_reply = no
# proxy_tunneled_request_as_eap = yes
}
mschapv2 {
}
}
More information about the Freeradius-Users
mailing list