Installation freeradius server failed
Stefan Paetow
Stefan.Paetow at ja.net
Wed Jun 18 11:19:29 CEST 2014
> the result of freeradius -X is
> Refusing to start with libssl version OpenSSL 1.0.1 14
> Mar 2012 (in range 1.0.1 - 1.0.1f). Security advisory CVE-2014-0160 (Heartbleed)
>
> how can I change the libssl then? what's the command?
Hi, you don’t need to change libssl. The above is a safety measure introduced after Heartbleed.
What you *do* need to do is modify radiusd.conf and change the "allow_vulnerable_openssl" setting to "yes", since this is a Debian system and the Debian maintainers chose to patch their OpenSSL package instead of moving to the fixed version (1.0.1g).
Stefan
Janet(UK) is a trading name of Jisc Collections and Janet Limited, a
not-for-profit company which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238
More information about the Freeradius-Users
mailing list