rlm_eap: SSL error error:0D07209B:asn1 encoding routines:ASN1_get_object:too long
Alan DeKok
aland at deployingradius.com
Sun Feb 4 02:51:21 CET 2018
On Feb 3, 2018, at 4:29 PM, Michael Duckett <mduckett at gmail.com> wrote:
>
> Can someone help me understand what I'm doing wrong? I would be so
> appreciative!
The client is broken.
> Tried freeradius on both ubuntu and mac o/s. Getting rlm_eap: SSL error
> error:0D07209B:asn1 encoding routines:ASN1_get_object:too long error.
>
> Verified certificates with openssl.
>
> Ubuntu freeradius: FreeRADIUS Version 2.2.8, for host x86_64-pc-linux-gnu,
> built on Jul 26 2017 at 15:27:21
>
> openssl version
> OpenSSL 1.0.2g 1 Mar 2016
And... what system is trying to authenticated? That's useful to know, too.
> Here's info from the log:
>
> [tls] --> verify return:1
> [tls] TLS_accept: unknown state
> [tls] <<< Unknown TLS version [length 0005]
> [tls] <<< Unknown TLS version [length 0106]
> [tls] TLS_accept: unknown state
> [tls] <<< Unknown TLS version [length 0005]
> [tls] <<< Unknown TLS version [length 0088]
> [tls] >>> Unknown TLS version [length 0005]
> [tls] >>> Unknown TLS version [length 0002]
> *TLS Alert write:fatal:decrypt error*
> * TLS_accept: failed in error*
> *rlm_eap: SSL error error:0D07209B:asn1 encoding
> routines:ASN1_get_object:too long*
The other end (phone, PC, whatever) is broken. No amount of poking FreeRADIUS will fix it.
Alan DeKok.
More information about the Freeradius-Users
mailing list