EAP-TLS not initializing

Ben Tucker h_bbit at hotmail.com
Thu Nov 6 19:26:46 CET 2014 

Thanks Alan, please see below.  Unless I am missing something, the files are there...

[root at lasamiq3 raddb]# dir -l certs/radius*
-rw-r--r-- 1 root root 3016 Nov  6 16:42 certs/radius-srv-pri-cert.pem
-rw-r--r-- 1 root root 1606 Nov  6 16:42 certs/radius-srv-pri-key.pem

[root at lasamiq3 raddb]# dir -l certs/demoCA
total 16
-rw-r--r-- 1 root root     751 Nov  6 16:10 cacert.der
-rw-r--r-- 1 root root    1074 Nov  6 16:10 cacert.pem
-rw-r----- 1 root radiusd 1074 Nov  5 18:48 cacert.pem.rpmsave
-rw-r--r-- 1 root root     963 Nov  6 16:10 cakey.pem

   tls {
        rsa_key_exchange = no
        dh_key_exchange = yes
        rsa_key_length = 512
        dh_key_length = 512
        verify_depth = 0
        CA_path = "/etc/raddb/certs/demoCA"
        pem_file_type = yes
        private_key_file = "/etc/raddb/certs/radius-priv-key.pem"
        certificate_file = "/etc/raddb/certs/radius-priv-cert.pem"
        CA_file = "/etc/raddb/certs/demoCA/cacert.pem"
        private_key_password = "mercury"
        dh_file = "/etc/raddb/certs/dh"
        random_file = "/etc/raddb/certs/random"
        fragment_size = 1024
        include_length = yes
        check_crl = no
        cipher_list = "DEFAULT"
    cache {
        enable = no
        lifetime = 24
        max_entries = 255
    }
    verify {
    }
    ocsp {
        enable = no
        override_cert_url = yes
        url = "http://127.0.0.1/ocsp/"
    }
   }
rlm_eap: SSL error error:02001002:system library:fopen:No such file or directory
rlm_eap_tls: Error reading certificate file /etc/raddb/certs/radius-priv-cert.pem
rlm_eap: Failed to initialize type tls
/etc/raddb/eap.conf[17]: Instantiation failed for module "eap"
/etc/raddb/sites-enabled/default[310]: Failed to load module "eap".
/etc/raddb/sites-enabled/default[252]: Errors parsing authenticate section. 
> Date: Thu, 6 Nov 2014 13:06:51 -0500
> From: aland at deployingradius.com
> To: freeradius-users at lists.freeradius.org
> Subject: Re: EAP-TLS not initializing
> 
> Ben Tucker wrote:
> > Ok, installed v2, recreated my certs and still getting same problem.
> 
>   No, you're not.
> 
> > rlm_eap: SSL error error:02001002:system library:fopen:No such file or
> directory
> 
>   That's a different error.
> 
> > Any other ideas?
> 
>   Use the correct filename in the configuration.  Ensure that the file
> exists.
> 
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20141106/a4f49ac9/attachment.html>

More information about the Freeradius-Users mailing list