eap module failed to start

John Dennis jdennis at redhat.com
Mon Oct 22 17:00:24 CEST 2012

On 10/22/2012 10:32 AM, Prateek Kumar wrote:

> rlm_eap: SSL error error:06074079:digital envelope
> routines:EVP_PBE_CipherInit:unknown pbe algorithm
> rlm_eap_tls: Error reading private key file /etc/raddb/certs/private.pem

Just in case it helps to understand what the error message is attempting 
to say. The private key is held in a pkcs12 file. The private key is 
protected by Password Based Encryption (hence pbe). That means given a 
password a specific algorithm is used to encrypt the private key for 
protection purposes. OpenSSL is complaining the PBE algorithm is not 
supported. I'm guessing a new OpenSSL version has deprecated the use of 
an insecure method that your older p12 file used. You need to generate a 
new p12 file.

John Dennis <jdennis at redhat.com>

Looking to carve out IT costs?

More information about the Freeradius-Users mailing list