Hello, I’m not sure if this is the right forum for this but I thought I’d ask to see if anyone has ideas or input. Please forgive me if this isn’t the right forum.
We have a Fedora Core 1 box running FreeRadius 1.0.4 and OpenSSL-0.9.7g. We would like to set up EAP/TLS. Everything runs fine, the root cert creates fine, so does the client cert but the server cert does not create. I get the following error: ERROR: adding extensions in section xpserver_ext 5212:error:2207C082:X509 V3 routines:DO_EXT_CONF:unknown extension name:v3_conf.c:123: 5212:error:2206B080:X509 V3 routines:X509V3_EXT_conf:error in extension:v3_conf.c:92:name=extendedKeyUsager, value=1.3.6.1.5.5.7.3.1 No certificate matches private key 5214:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:140: unable to load certificate 5215:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:637:Expecting: TRUSTED CERTIFICATE I have combed the FAQ, along with multiple sites and pulled down the EAPTLS-FreeRadius doc to no avail. I’ve verified my openssl.cnf and CA files carefully. The xpextensions file is located in the same directory as my openssl.cnf file. My question is what have I missed? Is there some FreeRadius or OpenSSL config that I’m missing? Thanks very much, John - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
