EAP-TLS/PEAP problem

Joel MBA OYONE mba_oyone at yahoo.fr
Fri May 2 13:25:56 CEST 2008


Ok, i am sorry!

all i had to do is "yast install make" or something like that to be able to run the command...
ah... Linux !!

 
MBA OYONE Joël
Lot. El Firdaous
Bât GH20, Porte A 204, Appt 8
20000 Oulfa
Casablanca - Maroc
 
Tél. : +212 69 25 85 70


----- Message d'origine ----
De : Joel MBA OYONE <mba_oyone at yahoo.fr>
À : FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Envoyé le : Vendredi, 2 Mai 2008, 9h50mn 05s
Objet : Re : Re : EAP-TLS/PEAP problem

Hello list,

I've just installed SUSE 10.3 and freeradius 2.0.2.2-3 to easily setup my prevoious prob with eap.

right now, when i run "radiusd -W" i encounter this error message:

===
/etc/raddb/certs/bootstrap: line 15: make: command not found
Exec-Program output:
Exec-Program: returned: 127
rlm_eap: Failed to initialize type tls
/etc/raddb/eap.conf[17]: Instantiation failed for module "eap"
/etc/raddb/sites-enabled/default[252]: Failed to find module "eap".
/etc/raddb/sites-enabled/default[199]: Errors parsing authenticate section.
}
}
Errors initializing modules

==

reading the readme file in certs/ directory, i understood that the script bootstrap should create the certificates and some other stuffs, and the should be renamed or destroyed.
- that i see is: the script didn't create nothing and could not be run.
could you please help me to fix it?


( my final goes is to use eap-tls / eap-peap to athenticate wireless clients, and like i said before, i am really newbie on linux. thanx for help)


MBA OYONE Joël
Lot. El Firdaous
Bât GH20, Porte A 204, Appt 8
20000 Oulfa
Casablanca - Maroc

Tél. : +212 69 25 85 70


----- Message d'origine ----
De : Ivan Kalik <tnt at kalik.net>
À : FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Envoyé le : Mercredi, 30 Avril 2008, 11h39mn 36s
Objet : Re: Re : EAP-TLS/PEAP problem

http://www.freeradius.org/download.html

Find the OS version that you have and download the latest freeradius
version rpm.

Ivan Kalik
Kalik Informatika ISP


Dana 30/4/2008, "Joel MBA OYONE" <mba_oyone at yahoo.fr> piše:

>Well, as i am very very newbie on Linux. iuse to work on win2000/2003 before.
>Â i chose the easyway to install freeradius; the "yum" commaand gave me that version.
>if the latest version is easy to install manually on fedora and is able to work on a hp proliant ml-370 g5, i take it.
>Why not the latest version. It will create and install the certificates
>for you. Even if you don't want to install it you can download it and
>use it to create certificates.
>
>Ivan Kalik
>Kalik Informatika ISP
>
>
>Dana 30/4/2008, "Joel MBA OYONE" <mba_oyone at yahoo.fr> piĹĄe:
>
>>Hello list.
>>I am sorry about my poor english skills but hope iĂÂ could be understood anyway.
>>I use freeradius 1.1-7 on fedora 8 (installed with yum command).ĂÂ right now, my users in the "/etc/raddb/users" file are able to authenticate without no problem.
>>iĂÂ intend to use eap-tls and eap-peap to authenticate my users. to do so, i read this tutorial: http://www.wi-fiplanet.com/tutorials/article.php/3557251ĂÂ (two sheets) which is very helpfull.
>>but on the second part of the tuto,ĂÂ i encounter a problem with the extensions part:
>>- it is said to create a file named "extensions" (my case /etc/pki/tls/extensions) and to copy that lines into:
>>[ xpclient_ext]
>>extendedKeyUsage = 1.3.6.1.5.5.7.3.2
>>[ xpserver_ext ]
>>extendedKeyUsage = 1.3.6.1.5.5.7.3.1
>>and then to modify my previous certificate like that:
>># openssl ca -out master_cert.pem -extensions xpserver -infiles ./masterreqpem
>># openssl ca -out client_cert.pem -extensions xpserver -infiles ./clientreqpem 
>>when i do this, the system give me an error message:
>>[root at ensiasra ensiasCA]# pwd
>>/etc/pki/CA/ensiasCA
>>[root at ensiasra ensiasCA]# openssl ca -out certs/ensias_cert.pem -extensions xpserver_ext -infiles certs/radiusserverreq.pem 
>>Using configuration from /etc/pki/tls/openssl.cnf
>>Enter pass phrase for /etc/pki/CA/ensiasCA/private/cakey.pem:
>>Error Loading extension section xpserver_ext
>>4230:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=CA_default name=email_in_dn
>>[root at ensiasra ensiasCA]# 
>>
>>i suppose i have problem creating extensions.... 
>>there's a long time i try to fix it (and some many before), and right now, i come and ask your help to fix it.
>>thanx for helping
>>
>>ĂÂ 
>>MBA OYONE JoÄŤl
>>Lot.. El Firdaous
>>BÄËt GH20, Porte A 204, Appt 8
>>20000 Oulfa
>>Casablanca - Maroc
>>ĂÂ 
>>TÄĹ l. : +212 69 25 85 70
>>
>>__________________________________________________
>>Do You Yahoo!?
>>En finir avec le spam? Yahoo! Mail vous offre la meilleure protection possible contre les messages non sollicitÄĹ s 
>>http://mail.yahoo.fr Yahoo! Mail
>>
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
>__________________________________________________
>Do You Yahoo!?
>En finir avec le spam? Yahoo! Mail vous offre la meilleure protection possible contre les messages non sollicitĂŠs 
>http://mail.yahoo.fr Yahoo! Mail 
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


__________________________________________________
Do You Yahoo!?
En finir avec le spam? Yahoo! Mail vous offre la meilleure protection possible contre les messages non sollicités 
http://mail.yahoo.fr Yahoo! Mail 

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

__________________________________________________
Do You Yahoo!?
En finir avec le spam? Yahoo! Mail vous offre la meilleure protection possible contre les messages non sollicités 
http://mail.yahoo.fr Yahoo! Mail 




More information about the Freeradius-Users mailing list