I am also facing the same issue : permission denied (failed parsing configuration item private_key_file) I have already given full access permission to the server.key using *"chmod 777 server.key".*I have also changed the ownership of the server.key so that it can be used by freeradius using *"sudo chown freerad:freerad path/to/private/key/server.key".* But i am still facing the same issue. Please guide to proceed further. Thanks & Regards On Wednesday, September 4, 2024 at 9:40:48 PM UTC+5:30 f.capoano wrote:
> Permission denied should be the issue here. > Ensure freeradius has access to that file. > > F. > > On Tue, 3 Sept 2024 at 15:46, Michele Salerno <[email protected]> wrote: > >> Hi, >> I use acme for certificates but I have error with freeradius. >> To get the certificates I used this script. >> >> #!/bin/bash >> .acme.sh/acme.sh --issue --dns dns_nsupdate \ >> -d openwisp.nnxx.ninux.org \ >> -d *.nnxx.ninux.org \ >> --cert-file /etc/ssl/openwisp/cert.pem \ >> --key-file /etc/ssl/openwisp/key.pem \ >> --fullchain-file /etc/ssl/openwisp/fullchain.pem \ >> --capath /etc/ssl/openwisp/ca.pem --force >> >> ------------------------------- >> >> root@openwisp:~ # systemctl status freeradius.service >> ● freeradius.service - FreeRADIUS multi-protocol policy server >> Loaded: loaded (/lib/systemd/system/freeradius.service; enabled; >> preset: enabled) >> Active: activating (auto-restart) (Result: exit-code) since Tue >> 2024-09-03 21:30:16 CEST; 748ms ago >> Docs: man:radiusd(8) >> man:radiusd.conf(5) >> http://wiki.freeradius.org/ >> http://networkradius.com/doc/ >> Process: 1798 ExecStartPre=/bin/chown freerad:freerad >> /var/run/freeradius (code=exited, status=0/SUCCESS) >> Process: 1799 ExecStartPre=/usr/sbin/freeradius $FREERADIUS_OPTIONS >> -Cx -lstdout (code=exited, status=1/FAILURE) >> CPU: 46ms >> root@openwisp:~ # systemctl restart freeradius.service >> Job for freeradius.service failed because the control process exited with >> error code. >> See "systemctl status freeradius.service" and "journalctl -xeu >> freeradius.service" for details. >> >> ------------------------------- >> >> oot@openwisp:~ # journalctl -xeu freeradius.service >> ░░ L'unità freeradius.service ha iniziato la fase di avvio. >> set 03 21:30:29 openwisp.nnxx.ninux.org freeradius[1818]: FreeRADIUS >> Version 3.2.6 >> set 03 21:30:29 openwisp.nnxx.ninux.org freeradius[1818]: Copyright (C) >> 1999-2023 The FreeRADIUS server project and contributors >> CUT >> >> >> *set 03 21:30:29 openwisp.nnxx.ninux.org <http://openwisp.nnxx.ninux.org> >> freeradius[1818]: tls: (TLS) Failed reading private key file >> "/etc/ssl/openwisp/key.pem" set 03 21:30:29 openwisp.nnxx.ninux.org >> <http://openwisp.nnxx.ninux.org> freeradius[1818]: tls: (TLS) >> error:8000000D:system library::Permission denied* >> set 03 21:30:29 openwisp.nnxx.ninux.org freeradius[1818]: tls: (TLS) >> error:10080002:BIO routines::system lib >> set 03 21:30:29 openwisp.nnxx.ninux.org freeradius[1818]: tls: (TLS) >> error:0A080002:SSL routines::system lib >> set 03 21:30:29 openwisp.nnxx.ninux.org freeradius[1818]: rlm_eap_ttls: >> Failed initializing SSL context >> set 03 21:30:29 openwisp.nnxx.ninux.org freeradius[1818]: rlm_eap >> (openwisp_eap): Failed to initialise rlm_eap_ttls >> set 03 21:30:29 openwisp.nnxx.ninux.org freeradius[1818]: >> /etc/freeradius/mods-enabled/openwisp_eap[1]: Instantiation failed for >> module "openwisp_eap" >> set 03 21:30:29 openwisp.nnxx.ninux.org systemd[1]: freeradius.service: >> Control process exited, code=exited, status=1/FAILURE >> ░░ Subject: Uscito processo unità >> ░░ Defined-By: systemd >> ░░ Support: https://www.debian.org/support >> ░░ >> ░░ Un processo ExecStartPre appartenente all'unità freeradius.service è >> uscito. >> ░░ >> ░░ Il codice di uscita del processo è 'exited' ed è uscito con 1. >> set 03 21:30:29 openwisp.nnxx.ninux.org systemd[1]: freeradius.service: >> Failed with result 'exit-code'. >> ░░ Subject: Unit fallita >> ░░ Defined-By: systemd >> ░░ Support: https://www.debian.org/support >> ░░ >> ░░ Unità freeradius.service entrata nello stato 'failed' (fallito) con >> risultato 'exit-code'. >> set 03 21:30:29 openwisp.nnxx.ninux.org systemd[1]: Failed to start >> freeradius.service - FreeRADIUS multi-protocol policy server. >> ░░ Subject: L'unità freeradius.service è fallita >> ░░ Defined-By: systemd >> ░░ Support: https://www.debian.org/support >> ░░ >> ░░ L'unità freeradius.service è fallita. >> ░░ >> ░░ Il risultato è failed. >> >> root@openwisp:~ # >> >> -------------------------------------------------------- >> >> oot@openwisp:~ # cd /etc/ssl/openwisp/ >> root@openwisp:openwisp # ll >> totale 32K >> drwxr-xr-x 2 root root 4,0K 10 lug 18.56 . >> drwxr-xr-x 5 root root 4,0K 3 set 21.28 .. >> -rw-r--r-- 1 root root 2,7K 10 lug 18.56 ca.pem >> -rw-r--r-- 1 root root 1,5K 10 lug 18.56 cert.pem >> -rw-r--r-- 1 root root 769 10 lug 19.00 dhparams.pem >> -rw-r--r-- 1 root root 4,1K 10 lug 18.56 fullchain.pem >> -rw------- 1 root root 227 10 lug 18.56 key.pem >> >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "OpenWISP" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web, visit >> https://groups.google.com/d/msgid/openwisp/fdf15b73-d7dc-470c-9f15-ae5b8b09f242%40gmail.com >> >> <https://groups.google.com/d/msgid/openwisp/fdf15b73-d7dc-470c-9f15-ae5b8b09f242%40gmail.com?utm_medium=email&utm_source=footer> >> . >> > -- You received this message because you are subscribed to the Google Groups "OpenWISP" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion, visit https://groups.google.com/d/msgid/openwisp/fc6e31fa-cc4d-4fb2-9276-a7f485c7c3d4n%40googlegroups.com.
