Openssl Private Key error

voxner voxner.dev at gmail.com
Tue Aug 16 18:07:35 CEST 2011 

Hi,

I had generated certificates for EAP-TLS authentication. It worked fine in a
linux setup but windows wouldn't play ball. 

Somebody pointed out that the CA.* scripts in the ssl directory can generate
windows compatible certs. I did that but when I try to use that I get the
following error regarding the private key I use during the eap handshake at
the supplicant end (taken from the logs of wpa_supplicant). 

==================================================
OpenSSL: tls_connection_client_cert - SSL_use_certificate_file (DER) failed
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding
routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: pending error: error:140C800D:SSL
routines:SSL_use_certificate_file:ASN1 lib
OpenSSL: SSL_use_certificate_file (PEM) --> OK
OpenSSL: tls_connection_private_key - SSL_use_PrivateKey_File (DER) failed
error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
OpenSSL: pending error: error:0D0680A8:asn1 encoding
routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding
routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: pending error: error:0D09A00D:asn1 encoding
routines:d2i_PrivateKey:ASN1 lib
OpenSSL: pending error: error:140CB00D:SSL
routines:SSL_use_PrivateKey_file:ASN1 lib
OpenSSL: tls_connection_private_key - SSL_use_PrivateKey_File (PEM) failed
error:06074079:digital envelope routines:EVP_PBE_CipherInit:unknown pbe
algorithm
OpenSSL: pending error: error:23077073:PKCS12
routines:PKCS12_pbe_crypt:pkcs12 algor cipherinit error
OpenSSL: pending error: error:2306A075:PKCS12
routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt error
OpenSSL: pending error: error:0907B00D:PEM
routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib
OpenSSL: pending error: error:140CB009:SSL
routines:SSL_use_PrivateKey_file:PEM lib
OpenSSL: tls_read_pkcs12 - Failed to use PKCS#12 file error:0D0680A8:asn1
encoding routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding
routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: Failed to load private key
TLS: Failed to load private key
'/home/user/supplicant_testing/eap_authenticator_test/last_cert/newkey.pem'
==================================================


I use wpa_supplicant (0.7.1) in the supplicant end. Can somebody plz give me
some pointers on how to get over this problem. Is there any specific ssl
command or openssl configuration at the supplicant end that I need to take
care of...


--
View this message in context: http://freeradius.1045715.n5.nabble.com/Openssl-Private-Key-error-tp4704998p4704998.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.

More information about the Freeradius-Users mailing list