EAP-TLS error message

Ben Tucker h_bbit at hotmail.com
Tue Oct 21 21:12:00 CEST 2014


New Freeradius user here.  
I am setting up a ported version of Freeradius to work on Windows, which is version 1.1.7-r0.0.2 (I realize this is old but unsure how to port over a newer version to windows).  No unix/linux server is available to me to do the testing I need done right now.
Below is the debug output when trying to start freeradius.  it is getting hung up under the EAP section.  Any assistance would be greatly appreciated.
Please let me know if you need any other information to assist!
Thanks
Starting - reading configuration files ...reread_config:  reading radiusd.confConfig:   including file: ../etc/raddb/proxy.confConfig:   including file: ../etc/raddb/clients.confConfig:   including file: ../etc/raddb/snmp.confConfig:   including file: ../etc/raddb/eap.confConfig:   including file: ../etc/raddb/sql.conf main: prefix = ".." main: localstatedir = "../var" main: logdir = "../var/log/radius" main: libdir = "../lib" main: radacctdir = "../var/log/radius/radacct" main: hostname_lookups = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = yes main: log_file = "../var/log/radius/radius.log" main: log_auth = yes main: log_auth_badpass = yes main: log_auth_goodpass = yes main: pidfile = "../var/run/radiusd/radiusd.pid" main: user = "(null)" main: group = "(null)" main: usercollide = no main: lower_user = "no" main: lower_pass = "no" main: nospace_user = "no" main: nospace_pass = "no" main: checkrad = "../bin/checkrad" main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = no proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0read_config_files:  reading dictionaryread_config_files:  reading naslistUsing deprecated naslist file.  Support for this will go away soon.read_config_files:  reading clientsread_config_files:  reading realmsradiusd:  entering modules setupModule: Library search path is ../libModule: Loaded exec exec: wait = yes exec: program = "(null)" exec: input_pairs = "request" exec: output_pairs = "(null)" exec: packet_type = "(null)"rlm_exec: Wait=yes but no output defined. Did you mean output=none?Module: Instantiated exec (exec)Module: Loaded exprModule: Instantiated expr (expr)Module: Loaded PAP pap: encryption_scheme = "crypt" pap: auto_header = noModule: Instantiated pap (pap)Module: Loaded CHAPModule: Instantiated chap (chap)Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = no mschap: require_strong = no mschap: with_ntdomain_hack = no mschap: passwd = "(null)" mschap: ntlm_auth = "(null)"Module: Instantiated mschap (mschap)Module: Loaded System unix: cache = no unix: passwd = "(null)" unix: shadow = "(null)" unix: group = "(null)" unix: radwtmp = "../var/log/radius/radwtmp" unix: usegroup = no unix: cache_reload = 600Module: Instantiated unix (unix)Module: Loaded eap eap: default_eap_type = "tls" eap: timer_expire = 60 eap: ignore_unknown_eap_types = no eap: cisco_accounting_username_bug = norlm_eap: Loaded and initialized type md5rlm_eap: Loaded and initialized type leap gtc: challenge = "Password: " gtc: auth_type = "PAP"rlm_eap: Loaded and initialized type gtc tls: rsa_key_exchange = no tls: dh_key_exchange = yes tls: rsa_key_length = 512 tls: dh_key_length = 512 tls: verify_depth = 0 tls: CA_path = "(null)" tls: pem_file_type = yes tls: private_key_file = "../etc/raddb/certs/FreeRADIUS.net/DemoCerts/radius-srv-pri-key.pem" tls: certificate_file = "../etc/raddb/certs/FreeRADIUS.net/DemoCerts/radius-srv-pri-cert.pem" tls: CA_file = "../etc/raddb/certs/FreeRADIUS.net/DemoCerts/cacert.pem" tls: private_key_password = "mercury" tls: dh_file = "../etc/raddb/certs/FreeRADIUS.net/DemoCerts/dh" tls: random_file = "../etc/raddb/certs/FreeRADIUS.net/DemoCerts/random" tls: fragment_size = 1024 tls: include_length = yes tls: check_crl = no tls: check_cert_cn = "%{User-Name}" tls: cipher_list = "(null)" tls: check_cert_issuer = "(null)"rlm_eap_tls: Loading the certificate file as a chainrlm_eap: SSL error error:06074079:digital envelope routines:EVP_PBE_CipherInit:unknown pbe algorithmrlm_eap_tls: Error reading private key filerlm_eap: Failed to initialize type tls 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20141021/9b5ff10a/attachment.html>


More information about the Freeradius-Users mailing list