I am new to this
users list and hope this gets to someone that can help me. I am trying to set up
a RADIUS server for my wireless network. I am running RedHat 8.0 and have
installed freeradius-0.9.3 that I downloaded from the freeradius.org site in
tar.gz format. I am utilizing two HOWTO docs http://www.freeradius.org/doc/EAPTLS.pdf and
http://www.impossiblereflex.com/8021x/eap-tls-HOWTO.htm#6 .
I am primarliy using the latter for the freeradius setup and certificate
generation. I configured my radiusd.conf (located in
/usr/local/etc/radius/raddb/) based on the second link under the radiusd.conf
section. I then created the script run-radiusd that is also detailed on that
page. I get the following errors:
...
...
...
...
tls: dh_file =
"/etc/1x/r/DH"
tls: random_file = "/etc/1x/r/random"
tls: fragment_size = 1024
tls: include_length = yes
24076:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=engine name=default
24076:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=engine name=rsa
24076:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=engine name=dsa
24076:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=engine name=dh
24076:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=engine name=rand
24076:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=engine name=bn_mod_exp
24076:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=engine name=bn_mod_exp_crt
24076:error:02001002:system library:fopen:No such file or directory:bss_file.c:104:fopen('/etc/1x/r/CA.pam','r')
24076:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:107:
24076:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
rlm_eap_tls: Error reading Trusted root CA list
rlm_eap: Failed to initialize the type tls
radiusd.conf[600]: eap: Module instantiation failed.
tls: random_file = "/etc/1x/r/random"
tls: fragment_size = 1024
tls: include_length = yes
24076:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=engine name=default
24076:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=engine name=rsa
24076:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=engine name=dsa
24076:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=engine name=dh
24076:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=engine name=rand
24076:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=engine name=bn_mod_exp
24076:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=engine name=bn_mod_exp_crt
24076:error:02001002:system library:fopen:No such file or directory:bss_file.c:104:fopen('/etc/1x/r/CA.pam','r')
24076:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:107:
24076:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
rlm_eap_tls: Error reading Trusted root CA list
rlm_eap: Failed to initialize the type tls
radiusd.conf[600]: eap: Module instantiation failed.
Now I do not have a
CA.pam file in my /etc/1x/r/ directory and do not know where or how to get that
file. I did create the CA.root, CA.svr, and CA.clt files and execute them. They
seemed to create all the files except I think the client file has no name except
.p12.... At any rate, here is a directory list of where I ran the CA.* scripts.
(there are suppose to be 3 columns)
.
demoCA
..
.der
.p12
.bash_logout
.pem
.bash_profile
.bashrc .gtkrc root.der
CA.all newcert.pem root.p12
CA.clt root.pem
CA.root xpextensions
CA.svr
.bash_profile
.bashrc .gtkrc root.der
CA.all newcert.pem root.p12
CA.clt root.pem
CA.root xpextensions
CA.svr
If someone can give
me some advice on where to go from here I would appreciate
it.
Thanks! Tony
