rlm_eap: SSL error error on Start Up, Compile question

Jeff Stout Jeff.Stout at tachyon.com
Wed May 19 18:46:02 CEST 2010 

I am trying to install FreeRadius 2.1.8, on my initial package build I ran into issues with lintian
Running Ubuntu with 2.6.24-27-server kernel

dpkg-buildpackage -d -b -uc ( I had to use the -d option as I received dependency errors)

...
dh_installman
dh_lintian
/bin/bash: dh_lintian: command not found
make[1]: *** [binary-common] Error 127
make[1]: Leaving directory `/usr/local/freeradius'
make: *** [binary-arch] Error 2
dpkg-buildpackage: failure: debian/rules binary gave error exit status 2

I modified the /usr/local/freeradius/debian/rules and removed the dh_lintian reference
under the tree "Binary Common"  IS dh_lintian REQUIRED for freeradius to compile and
operate correctly ????

I recompiled my debian package with no errors then installed freeradius I need to use
radius with my backend LDAP Database, we are configuring 802.1X for all of our LAN
switches.

dpkg -i freeradius-common_2.1.8+git_all.deb
dpkg -i libfreeradius2_2.1.8+git_i386.deb
dpkg -i freeradius_2.1.8+git_i386.deb
 dpkg -i freeradius-ldap_2.1.8+git_i386.deb
 dpkg -i freeradius-dialupadmin_2.1.8+git_all.deb

then when I start freeradius I get an error for rlm_eap and SSL this is when it is Instantiating the eap-tls Module.

rlm_eap: SSL error error:02001002:system library:fopen:No such file or directory
rlm_eap_tls: Error reading certificate file /etc/freeradius/certs/server.pem
rlm_eap: Failed to initialize type tls
/etc/freeradius/eap.conf[17]: Instantiation failed for module "eap"
/etc/freeradius/sites-enabled/inner-tunnel[223]: Failed to find module "eap".
/etc/freeradius/sites-enabled/inner-tunnel[176]: Errors parsing authenticate section.

under my "certs" directory I do not have a server.pem certificate (how do I generate it? )

ls /etc/freeradius/certs/demoCA/index.txt.dpkg-bak  serial.dpkg-bak


Module: Instantiating eap-tls
   tls {
    rsa_key_exchange = no
    dh_key_exchange = yes
    rsa_key_length = 512
    dh_key_length = 512
    verify_depth = 0
    pem_file_type = yes
    private_key_file = "/etc/freeradius/certs/server.pem"
    certificate_file = "/etc/freeradius/certs/server.pem"
    CA_file = "/etc/freeradius/certs/ca.pem"
    private_key_password = "whatever"
    dh_file = "/etc/freeradius/certs/dh"
    random_file = "/etc/freeradius/certs/random"
    fragment_size = 1024
    include_length = yes
    check_crl = no
    cipher_list = "DEFAULT"
    make_cert_command = "/etc/freeradius/certs/bootstrap"
    cache {
    enable = no
    lifetime = 24
    max_entries = 255

any assistance with this is greatly appreciated.

Thank You
Jeff Stout
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100519/5faf5ee0/attachment.html>

More information about the Freeradius-Users mailing list