Freeradius+Active directory - router login authentciation

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Tue Sep 11 10:52:17 CEST 2007


Hi,

> >  tls: private_key_file = "/usr/local/etc/raddb/certs/cert-srv.pem"
> >  tls: certificate_file = "/usr/local/etc/raddb/certs/cert-srv.pem"
> >  tls: CA_file = "/usr/local/etc/raddb/certs/demoCA/cacert.pem"
> >  tls: check_cert_cn = "(null)"
> >  tls: cipher_list = "(null)"
> >  tls: check_cert_issuer = "(null)"
> > rlm_eap_tls: Loading the certificate file as a chain
> > rlm_eap_tls: Unable to open DH file - (null)
> > rlm_eap: Failed to initialize type tls
> 
> It can't open the 'DH file' (don't quite know which one that is),
> but I would assume that it's some (or maybe all?) of the first
> three files. Do they exist? Does the freeradius daemon have the

err, the DH file is the DH file - the Diffie-Hellman file

eg

                        #
                        #  For DH cipher suites to work, you have to
                        #  run OpenSSL to create the DH file first:
                        #
                        #       openssl dhparam -out certs/dh 1024
                        #
                        dh_file = ${certdir}/dh
                        random_file = ${certdir}/random


as per the eap.conf  file - i'm assuming that file hasnt been edited and
sliced and diced beyond use?

alan
 



More information about the Freeradius-Users mailing list