Freeradius 3.0.15 failing to read server.pem file
bradleyc at bcsc.k12.in.us
Fri May 17 16:22:29 CEST 2019
Hi Alan! Thanks!
I'm trying to remember where to look for the password in the eap module configuration. I'm guessing at this point that it's in clients.conf?
Sorry, it's been almost 2 years since I set this up and tinkered with it.
Question for you and the group. If we did Ubuntu updates on this server, could that have broken the freeradius configs/functionality?
Appreciate everyones help and patience. =)
>>> Alan DeKok <aland at deployingradius.com> 5/17/2019 9:59 AM >>>
On May 17, 2019, at 9:52 AM, Chris Bradley <bradleyc at bcsc.k12.in.us> wrote:
> We're suddenly having issues where Freeradius will not start. doing
> freeradius -X shows the list below the line.
> Any ideas to help us get it working again? We set it up using an
> install guide so, we are very much newbs at using Freeradius.
FreeRADIUS doesn't suddenly change how it handles the certificates. So something else happened.
> tls: Failed reading private key file
> tls: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad
The private key file is protected by a password. That password is in the FreeRADIUS "eap" module configuration. It's passed to OpenSSL in order to decrypt the private key.
If OpenSSL is returning "bad decrypt", then the password can't decrypt the key. There are a few possibilities:
a) the password in the configuration file is wrong
b) the key was re-encrypted with a different password
You might need to re-generate the private key && certificate.
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users