EAP-TLS error: RSA_padding_check_PKCS1_type_1:block type is not 01
Alan DeKok
aland at deployingradius.com
Tue Nov 20 14:26:49 CET 2012
Swaraj wrote:
> I'm using Freeradius server2.1.12 on x86 fedora14. My client is using
> (armel ubuntu 10.04 lucid) IMX53 board. When I try connecting to radius
> server I am receiving the following errors.
The client is broken. It's not doing SSL correctly.
> Do we require different certificates for arm boards, as I was able to
> run without any issues on x86 with same certificates.
Because it has different software.
> Tue Nov 20 16:48:05 2012 : Error: TLS Alert write:fatal:decrypt error
> Tue Nov 20 16:48:05 2012 : Error: TLS_accept: failed in SSLv3 read
> certificate verify B
> Tue Nov 20 16:48:05 2012 : Error: rlm_eap: SSL error error:0407006A:rsa
> routines:RSA_padding_check_PKCS1_type_1:block type is not 01
You CANNOT fix this by poking FreeRADIUS.
> I created certificates with the following commands:
This is NOT a certificate issue. Notice that the error is NOT
complaining about certificates.
And why use your own commands to create certs? The scripts in
raddb/certs WORK.
Alan DeKok.
More information about the Freeradius-Users
mailing list