I m hereby attaching the logs for freeradius -X output. Please take a look in to it.
On Friday, June 7, 2024 at 7:19:58 PM UTC+5:30 Kolla Honey wrote: > Hi, > I am trying to up the RADIUS in the openwisp server, so I have added > following lines in my playbook.yml > openwisp2_radius: true > openwisp2_freeradius_install: false > Openwisp2_radius_urls: true > openwisp2_RADIUS_API: true > After installing openwisp server with ansible , I m able to see the radius > tab in the webserver. I followed the openwisp -radius documentation for > eap-ttls configuration with bearer token mechanism and followed all the > steps. > I have updated all the details like nas, rad-reply and other rad-tabled in > the sqlite.db based on freeradius documentation and i made necessary > configurations in the openwisp webserver also. > I used freeradius -X command to run the RADIUS server in the debug mode. > Then I m getting the following error: > > rest ERROR: Request failed: 60 -ssl peer certificate or ssh remote key > was not ok. > > For this error, I contacted the support group and they have suggested to > generate automatic ssl certificates. > > Problem for this, Our team is not ready to buy the domain name. So, I have > installed a local dns server and assigned the domain name for my openwisp > server. > I am able to ping to my website and able to see the results at nslookup > and dig commands. Then I followed the documentation for automatic ssl > certificates, when I m running my ansible with hosts and playbook with new > domain name as input, I m getting error as the dns record is not found for > my domain name. So, I come to know that DNS record has to be their in > internet for Lets encrypt to work. So I went through the playbook about > what output Let's encrypt is providing, I come to know that we are feeding > inputs like openwisp2_ssl_cert and openwisp2_ssl_key . Then I have > generated fullchain.pem and privkey.pem as inputs to the playbook for > openwisp2_ssl_cert and openwisp2_ssl_key and run the ansible with the > playbook as input. > Generated keys are also given as input at EAP file of freeradius.The > openwisp server webpage is generated but still I getting connection not > secure at my web browser. I m getting same error: " rest ERROR: Request > failed: 60 -ssl peer certificate or ssh remote key was not ok." > when running freeradius. > > > Please correct me if I went wrong. Is it correct way of the Up the RADIUS > in openwisp server or any better way is there, Please let me know. > > On Saturday, May 11, 2024 at 11:50:39 PM UTC+5:30 Kolla Honey wrote: > >> I have created the certificates and given as an input in the eap file of >> freeradius.But still I m seeing the same error. What should I do?? >> >> >> >> On Sat, 11 May 2024, 10:31 pm Federico Capoano, <[email protected]> >> wrote: >> >>> If I was you I wouldn't bother to do that and would simply get a valid >>> SSL certificate from Letsencrypt >>> <https://github.com/openwisp/ansible-openwisp2?tab=readme-ov-file#automatic-ssl-certificate> >>> . >>> >>> For anything about freeradius, refer to the freeradius documentation >>> <https://freeradius.org/documentation/> and community support >>> <https://freeradius.org/community/>. >>> >>> I hope this helps. >>> >>> Federico >>> >>> -- >>> >> You received this message because you are subscribed to the Google Groups >>> "OpenWISP" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> >> To view this discussion on the web, visit >>> https://groups.google.com/d/msgid/openwisp/CAAGgX6KwkCE%3DCK1SvOrM6h72cWjfW4VDEuCC3fitToip1_NgkA%40mail.gmail.com >>> >>> <https://groups.google.com/d/msgid/openwisp/CAAGgX6KwkCE%3DCK1SvOrM6h72cWjfW4VDEuCC3fitToip1_NgkA%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- You received this message because you are subscribed to the Google Groups "OpenWISP" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web, visit https://groups.google.com/d/msgid/openwisp/0ea0df40-05df-4701-acd2-5bd6afac54adn%40googlegroups.com.
Freeradius_log.odt
Description: Zip archive
