Decoupled accounting
Devinder Singh
devinbhullar at gmail.com
Mon Aug 3 09:58:58 CEST 2009
Hi
I do have the random and dh file
linux-h9qt:/etc/raddb/certs #ls -al
-rw-r----- 1 root root 245 2009-08-03 11:36 dh
-rw-r--r-- 1 root root 384 2009-08-03 12:11 index.txt
-rw-r--r-- 1 root root 21 2009-08-03 12:11 index.txt.attr
-rw-r--r-- 1 root root 21 2009-08-03 11:59 index.txt.attr.old
-rw-r--r-- 1 root root 254 2009-08-03 11:59 index.txt.old
-rw-r----- 1 root radiusd 4441 2008-12-03 21:57 Makefile
-rw-r----- 1 root root 5120 2009-08-03 11:36 random
2009/8/3 Devinder Singh <devinbhullar at gmail.com>:
> HI Ivan,
>
> These are the new error messages
>
> Module: Linked to sub-module rlm_eap_tls
> Module: Instantiating eap-tls
> tls {
> rsa_key_exchange = no
> dh_key_exchange = yes
> rsa_key_length = 512
> dh_key_length = 512
> verify_depth = 0
> pem_file_type = yes
> private_key_file = "/etc/raddb/certs/server.pem"
> certificate_file = "/etc/raddb/certs/server.pem"
> CA_file = "/etc/raddb/certs/ca.pem"
> private_key_password = "devin123"
> dh_file = "/etc/raddb/certs/dh"
> random_file = "/etc/raddb/certs/random"
> fragment_size = 1024
> include_length = yes
> check_crl = no
> cipher_list = "DEFAULT"
> make_cert_command = "/etc/raddb/certs/bootstrap"
> cache {
> enable = no
> lifetime = 24
> max_entries = 255
> }
> }
> rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
> rlm_eap_tls: Error loading randomness
> rlm_eap: Failed to initialize type tls
> /etc/raddb/eap.conf[17]: Instantiation failed for module "eap"
> /etc/raddb/sites-enabled/inner-tunnel[223]: Failed to find module "eap".
> /etc/raddb/sites-enabled/inner-tunnel[176]: Errors parsing authenticate section.
> }
> }
>
>
>
>
> Devinder
>
> 2009/8/3 Devinder Singh <devinbhullar at gmail.com>:
>> ok i set the password to devin123
>>
>> Module: Instantiating eap-tls
>> tls {
>> rsa_key_exchange = no
>> dh_key_exchange = yes
>> rsa_key_length = 512
>> dh_key_length = 512
>> verify_depth = 0
>> pem_file_type = yes
>> private_key_file = "/etc/raddb/certs/server.pem"
>> certificate_file = "/etc/raddb/certs/server.pem"
>> CA_file = "/etc/raddb/certs/ca.pem"
>> private_key_password = "devin123"
>> dh_file = "/etc/raddb/certs/dh"
>> random_file = "/etc/raddb/certs/random"
>> fragment_size = 1024
>> include_length = yes
>> check_crl = no
>> cipher_list = "DEFAULT"
>> make_cert_command = "/etc/raddb/certs/bootstrap"
>> cache {
>> enable = no
>> lifetime = 24
>> max_entries = 255
>> }
>> }
>> rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
>> rlm_eap_tls: Error loading randomness
>> rlm_eap: Failed to initialize type tls
>> /etc/raddb/eap.conf[17]: Instantiation failed for module "eap"
>> /etc/raddb/sites-enabled/inner-tunnel[223]: Failed to find module "eap".
>> /etc/raddb/sites-enabled/inner-tunnel[176]: Errors parsing authenticate section.
>> }
>> }
>> Errors initializing modules
>>
>>
>> 2009/8/3 Devinder Singh <devinbhullar at gmail.com>:
>>> Hi Ivan
>>>
>>> I did this
>>>
>>> chown root:radiusd /etc/raddb/certs/server.pem
>>> chown root:radiusd /etc/raddb/certs/ca.pem
>>>
>>> and then i got the error
>>>
>>> Module: Instantiating eap-tls
>>> tls {
>>> rsa_key_exchange = no
>>> dh_key_exchange = yes
>>> rsa_key_length = 512
>>> dh_key_length = 512
>>> verify_depth = 0
>>> pem_file_type = yes
>>> private_key_file = "/etc/raddb/certs/server.pem"
>>> certificate_file = "/etc/raddb/certs/server.pem"
>>> CA_file = "/etc/raddb/certs/ca.pem"
>>> private_key_password = "whatever"
>>> dh_file = "/etc/raddb/certs/dh"
>>> random_file = "/etc/raddb/certs/random"
>>> fragment_size = 1024
>>> include_length = yes
>>> check_crl = no
>>> cipher_list = "DEFAULT"
>>> make_cert_command = "/etc/raddb/certs/bootstrap"
>>> cache {
>>> enable = no
>>> lifetime = 24
>>> max_entries = 255
>>> }
>>> }
>>> rlm_eap: SSL error error:06065064:digital envelope
>>> routines:EVP_DecryptFinal_ex:bad decrypt
>>> rlm_eap_tls: Error reading private key file /etc/raddb/certs/server.pem
>>> rlm_eap: Failed to initialize type tls
>>> /etc/raddb/eap.conf[17]: Instantiation failed for module "eap"
>>> /etc/raddb/sites-enabled/inner-tunnel[223]: Failed to find module "eap".
>>> /etc/raddb/sites-enabled/inner-tunnel[176]: Errors parsing authenticate section.
>>> }
>>> }
>>> Errors initializing modules
>>>
>>>
>>>
>>>
>>>
>>> 2009/8/3 Devinder Singh <devinbhullar at gmail.com>:
>>>> Hi Ivan,
>>>> these are the files in the /cert directory after i had ran the
>>>> instruction in RREADME
>>>>
>>>> Could you let me know how to fix the errors
>>>>
>>>> Thanks
>>>>
>>>>
>>>> linux-h9qt:/etc/raddb/certs # ls
>>>> 01.pem ca.cnf client.cnf client.p12 index.txt
>>>> Makefile serial.old server.key
>>>> 02.pem ca.der client.crt client.pem
>>>> index.txt.attr random server.cnf server.p12
>>>> 03.pem ca.key client.csr devinder at palettemm.com.pem
>>>> index.txt.attr.old README server.crt server.pem
>>>> bootstrap ca.pem client.key dh
>>>> index.txt.old serial server.csr xpextensions
>>>>
>>>>
>>>> 2009/8/3 Devinder Singh <devinbhullar at gmail.com>:
>>>>> Hi Ivan.
>>>>>
>>>>> Ok i have reformetated my machine and installed Radius 2.1.1 from Yast
>>>>> Open Suse 11.
>>>>>
>>>>> I followed the instructions in /etc/raddb/certs/README
>>>>>
>>>>>
>>>>> Module: Linked to sub-module rlm_eap_tls
>>>>> Module: Instantiating eap-tls
>>>>> tls {
>>>>> rsa_key_exchange = no
>>>>> dh_key_exchange = yes
>>>>> rsa_key_length = 512
>>>>> dh_key_length = 512
>>>>> verify_depth = 0
>>>>> pem_file_type = yes
>>>>> private_key_file = "/etc/raddb/certs/server.pem"
>>>>> certificate_file = "/etc/raddb/certs/server.pem"
>>>>> CA_file = "/etc/raddb/certs/ca.pem"
>>>>> private_key_password = "whatever"
>>>>> dh_file = "/etc/raddb/certs/dh"
>>>>> random_file = "/etc/raddb/certs/random"
>>>>> fragment_size = 1024
>>>>> include_length = yes
>>>>> check_crl = no
>>>>> cipher_list = "DEFAULT"
>>>>> make_cert_command = "/etc/raddb/certs/bootstrap"
>>>>> cache {
>>>>> enable = no
>>>>> lifetime = 24
>>>>> max_entries = 255
>>>>> }
>>>>> }
>>>>> rlm_eap: SSL error error:0200100D:system library:fopen:Permission
>>>>> denied
>>>>> rlm_eap_tls: Error reading certificate file
>>>>> /etc/raddb/certs/server.pem
>>>>> rlm_eap: Failed to initialize type tls
>>>>> /etc/raddb/eap.conf[17]: Instantiation failed for module "eap"
>>>>> /etc/raddb/sites-enabled/inner-tunnel[223]: Failed to find module
>>>>> "eap".
>>>>> /etc/raddb/sites-enabled/inner-tunnel[176]: Errors parsing
>>>>> authenticate section.
>>>>> }
>>>>> }
>>>>> Errors initializing modules
>>>>>
>>>>> 2009/8/1 Ivan Kalik <tnt at kalik.net>:
>>>>>>> I refeer only to version 1.0.4 for the serial file as its not there in
>>>>>>> /etc/raddb/certs/demoCA so i get the serial file from version 1.0.4
>>>>>>>
>>>>>>> But i still get the errror message Bad Encrypt.
>>>>>>>
>>>>>>> What shoud i do next.
>>>>>>
>>>>>> How about following the instructions in raddb/certs/README file?
>>>>>>
>>>>>> Ivan Kalik
>>>>>> Kalik Informatika ISP
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Devinder
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Devinder
>>>>
>>>
>>>
>>>
>>> --
>>> Devinder
>>>
>>
>>
>>
>> --
>> Devinder
>>
>
>
>
> --
> Devinder
>
--
Devinder
More information about the Freeradius-Users
mailing list