Hello Alan
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Thu Apr 23 23:42:19 CEST 2009
Hi,
> > When I start it for the first time, it builds all of the 'fake' certs okay
> > and runs properly.
> >
> > (I am not sure if this would be an OpenSSL error or FreeRADIUS error.
> > What would you think the best way to troubleshoot this would be?
> > Or do you have any helpful hints?)
> >
> > However, when I attempt to build real certs, I see the following:
snip - tot he bit of config that concerns me
> > pem_file_type = yes
> > private_key_file = "/usr/local/etc/raddb/certs/server.pem"
> > certificate_file = "/usr/local/etc/raddb/certs/server.pem"
snip to the error
> > rlm_eap: SSL error error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
> > rlm_eap_tls: Error reading private key file /usr/local/etc/raddb/certs/server.pem
> > rlm_eap: Failed to initialize type tls
yep. you've put a PEM file as the key file - is this key file
the file you really want? normally you'd give it a key file
(look at the working out of the box files..
the key file will start
-----BEGIN RSA PRIVATE KEY-----
the pem (certificate file) will start
-----BEGIN CERTIFICATE-----
alan
More information about the Freeradius-Users
mailing list