Decoupled accounting
Devinder Singh
devinbhullar at gmail.com
Mon Aug 3 08:41:38 CEST 2009
Hi Ivan
I did this
chown root:radiusd /etc/raddb/certs/server.pem
chown root:radiusd /etc/raddb/certs/ca.pem
and then i got the error
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
pem_file_type = yes
private_key_file = "/etc/raddb/certs/server.pem"
certificate_file = "/etc/raddb/certs/server.pem"
CA_file = "/etc/raddb/certs/ca.pem"
private_key_password = "whatever"
dh_file = "/etc/raddb/certs/dh"
random_file = "/etc/raddb/certs/random"
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
make_cert_command = "/etc/raddb/certs/bootstrap"
cache {
enable = no
lifetime = 24
max_entries = 255
}
}
rlm_eap: SSL error error:06065064:digital envelope
routines:EVP_DecryptFinal_ex:bad decrypt
rlm_eap_tls: Error reading private key file /etc/raddb/certs/server.pem
rlm_eap: Failed to initialize type tls
/etc/raddb/eap.conf[17]: Instantiation failed for module "eap"
/etc/raddb/sites-enabled/inner-tunnel[223]: Failed to find module "eap".
/etc/raddb/sites-enabled/inner-tunnel[176]: Errors parsing authenticate section.
}
}
Errors initializing modules
2009/8/3 Devinder Singh <devinbhullar at gmail.com>:
> Hi Ivan,
> these are the files in the /cert directory after i had ran the
> instruction in RREADME
>
> Could you let me know how to fix the errors
>
> Thanks
>
>
> linux-h9qt:/etc/raddb/certs # ls
> 01.pem ca.cnf client.cnf client.p12 index.txt
> Makefile serial.old server.key
> 02.pem ca.der client.crt client.pem
> index.txt.attr random server.cnf server.p12
> 03.pem ca.key client.csr devinder at palettemm.com.pem
> index.txt.attr.old README server.crt server.pem
> bootstrap ca.pem client.key dh
> index.txt.old serial server.csr xpextensions
>
>
> 2009/8/3 Devinder Singh <devinbhullar at gmail.com>:
>> Hi Ivan.
>>
>> Ok i have reformetated my machine and installed Radius 2.1.1 from Yast
>> Open Suse 11.
>>
>> I followed the instructions in /etc/raddb/certs/README
>>
>>
>> Module: Linked to sub-module rlm_eap_tls
>> Module: Instantiating eap-tls
>> tls {
>> rsa_key_exchange = no
>> dh_key_exchange = yes
>> rsa_key_length = 512
>> dh_key_length = 512
>> verify_depth = 0
>> pem_file_type = yes
>> private_key_file = "/etc/raddb/certs/server.pem"
>> certificate_file = "/etc/raddb/certs/server.pem"
>> CA_file = "/etc/raddb/certs/ca.pem"
>> private_key_password = "whatever"
>> dh_file = "/etc/raddb/certs/dh"
>> random_file = "/etc/raddb/certs/random"
>> fragment_size = 1024
>> include_length = yes
>> check_crl = no
>> cipher_list = "DEFAULT"
>> make_cert_command = "/etc/raddb/certs/bootstrap"
>> cache {
>> enable = no
>> lifetime = 24
>> max_entries = 255
>> }
>> }
>> rlm_eap: SSL error error:0200100D:system library:fopen:Permission
>> denied
>> rlm_eap_tls: Error reading certificate file
>> /etc/raddb/certs/server.pem
>> rlm_eap: Failed to initialize type tls
>> /etc/raddb/eap.conf[17]: Instantiation failed for module "eap"
>> /etc/raddb/sites-enabled/inner-tunnel[223]: Failed to find module
>> "eap".
>> /etc/raddb/sites-enabled/inner-tunnel[176]: Errors parsing
>> authenticate section.
>> }
>> }
>> Errors initializing modules
>>
>> 2009/8/1 Ivan Kalik <tnt at kalik.net>:
>>>> I refeer only to version 1.0.4 for the serial file as its not there in
>>>> /etc/raddb/certs/demoCA so i get the serial file from version 1.0.4
>>>>
>>>> But i still get the errror message Bad Encrypt.
>>>>
>>>> What shoud i do next.
>>>
>>> How about following the instructions in raddb/certs/README file?
>>>
>>> Ivan Kalik
>>> Kalik Informatika ISP
>>>
>>>
>>
>>
>>
>> --
>> Devinder
>>
>
>
>
> --
> Devinder
>
--
Devinder
More information about the Freeradius-Users
mailing list