freeradius -X crashes

Henrik Kressner kressner at synkro.dk
Tue Jun 28 16:41:53 CEST 2016 


I am using:

freeradius -v
freeradius: FreeRADIUS Version 2.2.5, for host i586-pc-linux-gnu, built 
on Oct 24 2014 at 04:18:43

Running on a Alix computer with a Voyage Version: 0.10.0 with IP 192.168.1.5

(Voyage is a Debian derivetive)

with

hostapd -v
hostapd v2.3
User space daemon for IEEE 802.11 AP management,
IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
Copyright (c) 2002-2014, Jouni Malinen <j at w1.fi> and contributors

On a RPI3 with IP 192.168.1.30 as a NAS/AP.


 From the RPI3 I can use

# radtest tst password 192.168.1.5  0 secret123


with succes.

So I expect hostapd and freeradius to be corect configered?


Here comes the problem:

I followed the howto to this point: 
http://deployingradius.com/documents/configuration/pap.html

I tryid to disable validate server certificate, on a windows 7, but it 
stil ends op showing me:

WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
WARNING: !! EAP session for state 0x3e833be03884222b... did not finish!
WARNING: !! Please read
http://wiki.freeradius.org/guide/Certificate_Compatibility

WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!


So I expect a certificate problem and follow this howto:

http://deployingradius.com/documents/configuration/certificates.html


This does not work as expectid.

When I run

# freeradius -X

No change.


I suspect the certificates is not moved to where they should be.

(They are in: /usr/share/doc/freeradius/examples/certs


So I copy the cerificate into: /etc/freeradius/certs and check the 
rights. It looks like the original, but its no link.

/etc/freeradius# ls -l certs
-rw-r--r-- 1 root freerad 1700 Jun 28 15:11 ca.pem
-rw-r--r-- 1 root freerad 1834 Jun 28 15:13 server.key
-rw-r--r-- 1 root freerad 3609 Jun 28 15:11 server.pem


Now when i run:

# freeradius -X


It crashes with this:

.......
         url ="http://127.0.0.1/ocsp/"
         use_nonce = yes
         timeout = 0
         softfail = no
     }
    }
rlm_eap: SSL error error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
rlm_eap_tls: Error reading private key file /etc/freeradius/certs/server.key
rlm_eap: Failed to initialize type tls
/etc/freeradius/eap.conf[17]: Instantiation failed for module "eap"
/etc/freeradius/sites-enabled/default[310]: Failed to find "eap" in the "modules" section.
/etc/freeradius/sites-enabled/default[252]: Errors parsing authenticate section.
/etc/freeradius#



Then I am a little lost.


Any idea?


-- 

-------------------------------------------
Med venlig hilsen / Yours Sincerly
Henrik Kressner

More information about the Freeradius-Users mailing list