freeradius with wpa-supplicant eap-tls mode configuration
ammad rehmat
ammad.rehmat at gmail.com
Mon Mar 7 12:54:11 CET 2016
<http://stackoverflow.com/questions/35838822/trying-to-set-up-freeradius-in-eap-tls-mode-using-wpa-supplicant#>
I am trying to set up freeradius in eap-tls mode. I am using freeradius as
a server and wpa-supplicant as a client. I have installed both packages on
Ubuntu-14.04.3. I am using the sample certificates provided along with the
freeradius package. I use the bootstrap script provided in
*/freerad/raddb/cert*. I do not know whether this script properly signs the
certificate or not, as I am not an expert in this area. I simply provide the
paths to these certificates in client.conf to freeradius and in the
configuration file for wpa-supplicant. The following is the wpa-supplicant
configuration I am using:
network={
    ssid="YOUR-SSID"
    scan_ssid=1
    key_mgmt=WPA-EAP
    eap=TLS
    identity="alice"
    ca_cert="/home/areh/freeradius-server-3.0.11/raddb/certs/ca.pem"
    client_cert="/home/areh/freeradius-server-3.0.11/raddb/certs/client.pem"
    private_key="/home/areh/freeradius-server-3.0.11/raddb/certs/client.key"
}
I am running freeradius using the *Freeradius -X* command and
*eapol_test -c eap-tls.conf -s testing123* as the wpa-supplicant command.
I receive the following error on the wpa-supplicant terminal:
OpenSSL: tls_connection_client_cert - SSL_use_certificate_file (DER) failed error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: pending error: error:140C800D:SSL routines:SSL_use_certificate_file:ASN1 lib
OpenSSL: SSL_use_certificate_file (PEM) --> OK
OpenSSL: tls_connection_private_key - SSL_use_PrivateKey_File (DER) failed error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
OpenSSL: pending error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: pending error: error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
OpenSSL: pending error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: pending error: error:140CB00D:SSL routines:SSL_use_PrivateKey_file:ASN1 lib
OpenSSL: tls_connection_private_key - SSL_use_PrivateKey_File (PEM) failed error:0907B068:PEM routines:PEM_READ_BIO_PRIVATEKEY:bad password read
OpenSSL: pending error: error:140CB009:SSL routines:SSL_use_PrivateKey_file:PEM lib
OpenSSL: tls_read_pkcs12 - Failed to use PKCS#12 file error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: Failed to load private key
TLS: Failed to load private key '/home/areh/freeradius-server-3.0.11/raddb/certs/client.key'
TLS: Failed to set TLS connection parameters
I am using wpa_supplicant-0.7.3 and also tried with version 2.5; the
freeradius version is freeradius-server-3.0.11. I would really appreciate
any clue or help. I am debugging using Wireshark and I can see
access-challenge and access-request packets being exchanged, but they never
reach the next message stage. Kindly help with this problem.
Any help will be appreciated.
Ammad Rehmat
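
Added example, not part of the original post: OpenSSL reports `PEM_READ_BIO_PRIVATEKEY:bad password read` when a PEM private key is passphrase-protected and no passphrase is supplied, so this Python sketch checks a wpa_supplicant network block for an encrypted `private_key` without `private_key_passwd`. The sample key, the `/tmp/certs` paths and the helper names are constructed for illustration.

```python
import re

def key_is_encrypted(pem_text):
    """True if a PEM private key is passphrase-protected."""
    if "-----BEGIN ENCRYPTED PRIVATE KEY-----" in pem_text:  # PKCS#8 form
        return True
    # Traditional form flags encryption in a header line after BEGIN
    return bool(re.search(r"^Proc-Type:\s*4,ENCRYPTED", pem_text, re.M))

def parse_network_block(conf_text):
    """Key/value pairs from the first network={...} block."""
    m = re.search(r"network\s*=\s*\{(.*?)\}", conf_text, re.S)
    fields = {}
    for line in (m.group(1).splitlines() if m else []):
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            fields[key.strip()] = value.strip().strip('"')
    return fields

def check_eap_tls(conf_text, read_file):
    """read_file: callable path -> text (open(path).read() in real use)."""
    net = parse_network_block(conf_text)
    findings = []
    for opt in ("ca_cert", "client_cert", "private_key"):
        if opt not in net:
            findings.append(f"{opt} is not set")
    if "private_key" in net:
        encrypted = key_is_encrypted(read_file(net["private_key"]))
        if encrypted and "private_key_passwd" not in net:
            findings.append("private_key is encrypted but private_key_passwd is not set")
    return findings

# Constructed sample inputs (placeholder key body, hypothetical paths)
SAMPLE_KEY = """-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
PLACEHOLDER
-----END RSA PRIVATE KEY-----
"""
SAMPLE_CONF = """network={
    eap=TLS
    ca_cert="/tmp/certs/ca.pem"
    client_cert="/tmp/certs/client.pem"
    private_key="/tmp/certs/client.key"
}"""

if __name__ == "__main__":
    for finding in check_eap_tls(SAMPLE_CONF, lambda path: SAMPLE_KEY):
        print("FINDING:", finding)
```

In real use, pass `lambda p: open(p).read()` as `read_file` and the contents of the file given to `eapol_test -c` as `conf_text`.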