Hello try to remove every text before -----BEGIN... and END CERTIFICATE ----- as the logs tell you
My 2 eurocents Fred -- Selon Project Manager <[EMAIL PROTECTED]>: > Hi all, > > I've been getting mad with setting up Freeradius for EAP/TLS. Mainly the > problems seem with OpenSSL. > > My setup is: > > * openssl-0.9.7a > * freeradius-snapshot-20021028 > > I have the certificates generated now and checked with ./CA.sh -verify > <cert>.pem and the verification exited with OK. So me concluded it's > time to proceed! > > I proceeded to run the radius server using this little script from > Raymond McKay (http://www.impossiblereflex.com/8021x/eap-tls-HOWTO.htm#6): > > #!/bin/sh -x > > LD_LIBRARY_PATH=/usr/local/openssl/lib > LD_PRELOAD=/usr/local/openssl/lib/libcrypto.so > > export LD_LIBRARY_PATH LD_PRELOAD > > /usr/local/radius/sbin/radiusd $@ > > And I made sure to change the openssl path to my openssl-0.9.7a directory. > > The following errors issue when the script is run. The full > output of the script is attached: > > tls: include_length = yes > 10322:error:0906D06C:PEM routines:PEM_read_bio:no start > line:pem_lib.c:632:Expecting: CERTIFICATE > 10322:error:06065064:digital envelope > routines:EVP_DecryptFinal:bad decrypt:evp_enc.c:438: > 10322:error:0906A065:PEM routines:PEM_do_header:bad > decrypt:pem_lib.c:421: > 10322:error:140B0009:SSL > routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:707: > rlm_eap_tls: Error reading private key file > rlm_eap: Failed to initialize the type tls > radiusd.conf[538]: eap: Module instantiation failed. > > Why does it say it can't find the "start line"? What is it expecting > that I don't have. > > Sorry for the attachments, thought it is better to provide all data at > once. Also included are my certificates (alex.pem is my server certificate) > > Thank you > ------------------------------------------------- This mail sent through IMP: http://horde.org/imp/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
