Hi,
I'm trying to set up EAP/TLS on FreeRadius 0.9.3 under FreeBSD 5.2. I've been following the how-to at http://homepage.mac.com/andreaswolf/public/wpaeap.html. When I run radiusd -X, I get this at the console:
Module: Loaded eap
eap: default_eap_type = "md5"
eap: timer_expire = 60
rlm_eap: Loaded and initialized the type md5
rlm_eap: Loaded and initialized the type leap
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file = "/usr/local/etc/1x/freebsd.pem"
tls: certificate_file = "/usr/local/etc/1x/freebsd.pem"
tls: CA_file = "/usr/local/etc/1x/root.pem"
tls: private_key_password = "password"
tls: dh_file = "/usr/local/etc/1x/DH"
tls: random_file = "/usr/local/etc/1x/random"
tls: fragment_size = 1024
tls: include_length = yes
72587:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:637:Expecting: CERTIFICATE
72587:error:06065064:digital envelope routines:EVP_DecryptFinal:bad decrypt:evp_enc.c:450:
72587:error:0906A065:PEM routines:PEM_do_header:bad decrypt:pem_lib.c:423:
72587:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:/usr/src/crypto/openssl/ssl/ssl_rsa.c:709:
rlm_eap_tls: Error reading private key file
rlm_eap: Failed to initialize the type tls
radiusd.conf[602]: eap: Module instantiation failed.
Here are the things that I'm doing differently from the howto: - I installed FreeRadius via the Ports tree. - I'm placing all of my config files in /usr/local/etc - Hopefully nothing else :)
Thanks for any help!
-- Andrew
"By the time they had diminished from 50 to 8, the other dwarves began to suspect "Hungry." -- a Larson cartoon
PGP.sig
Description: This is a digitally signed message part
