RADSEC / TLS errors but not sure why
Alan DeKok
aland at deployingradius.com
Tue Aug 8 20:20:02 UTC 2023
On Aug 8, 2023, at 4:00 PM, James Wood via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> I rebuilt the server, did a fresh install of openssl 3.0.2 and libssl-dev
> (same version) and it started working with the same certs.
That's good.
> After comparing the two, it appears that when freeradius was compiled, it
> chose an old openssl 1.x library and wasn't actually using the correct one
> at all. I don't know how that old version was on the box at time of compile
> (as well as 3.0.2) but once I'd removed 1.x and compiled again, it began
> working on the server.
Some recommendations:
* don't build your own packages
* don't install multiple versions of OpenSSL on the same system. Many things are likely to break
* if your distribution has old versions of FreeRADIUS, then use the packages on http://packages.networkradius.com
* use "radiusd -xv" to see which version of OpenSSL is being used by FreeRADIUS.
Alan DeKok.
More information about the Freeradius-Users
mailing list