On Mon, 2007-05-14 at 22:56 +0200, Alan DeKok wrote: > John Horne wrote: > ... > > Mon May 14 13:38:54 2007 : Info: rlm_eap_tls: Loading the certificate > > file as a chain > > Mon May 14 13:38:54 2007 : Error: rlm_eap: SSL error error:0906D06C:PEM > > routines:PEM_read_bio:no start line > > Ah.... I think what's happening is that OpenSSL is caching the file > from the last time it was read. So the server starts, and reads 1 > certificate from the file. OpenSSL leaves the file open, or remembers > where it left off. When FreeRADIUS asks OpenSSL to read the file again, > OpenSSL continues from where it left off, rather than starting from the > beginning of the file. > Well I like the explanation, but unfortunately it doesn't work. Radiusd still dies at the first HUP.
However, one thing I have noticed is that if I start Freeradius up from /etc/init.d (this is a CentOS server so I used 'service radiusd start'), then I can HUP the daemon once and it stays running. HUP it a second time and it fails (this is with one certificate in the file). If I start Freeradius as '/usr/sbin/radiusd -X', and HUP it, then it fails straight away. In both cases the failure messages are the same as those originally reported. John. -- --------------------------------------------------------------- John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914 E-mail: [EMAIL PROTECTED] Fax: +44 (0)1752 233839 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
