Hi Ludovic, This is another error seen when the radius log is checked; [image: image.png]
What could cause this because the portal is not inactive. On Fri, 21 May 2021 at 20:24, Ezeh Victor <vickeyzed...@gmail.com> wrote: > Hi Ludovic, > > I was still going through the logs and I think i found the error; > [image: image.png] > > [image: image.png] > > So there is an SSL handshake failure. I do not understand the reason for > this error. > > Is there a fix for this issue as I believe this is the reason the portal > does not come up. > > I checked the date and time on the box, but that does not seem to be the > issue > > On Fri, 21 May 2021 at 19:41, Ezeh Victor <vickeyzed...@gmail.com> wrote: > >> Hi Ludovic, >> >> Using the IP also gives the same result. >> >> This is the link it tries to reach: >> *https://self-service.dangote-group.com/Cisco::WLC/sid519d0a?&redirect=www.msftconnecttest.com/redirect >> <https://self-service.dangote-group.com/Cisco::WLC/sid519d0a?&redirect=www.msftconnecttest.com/redirect>* >> >> Checking through the logs *harproxy_portal.log*, there is no trace of >> the user. >> >> On Fri, 21 May 2021 at 17:16, Zammit, Ludovic <luza...@akamai.com> wrote: >> >>> In the url on the portal, is it HTTP or HTTPS ? >>> >>> What happen if you put the IP instead of the fqdn ? >>> >>> Thanks, >>> >>> *Ludovic Zammit* >>> *Product Support Engineer Principal* >>> *Cell:* +1.613.670.8432 >>> Akamai Technologies - Inverse >>> 145 Broadway >>> Cambridge, MA 02142 >>> Connect with Us: <https://community.akamai.com> >>> <http://blogs.akamai.com> <https://twitter.com/akamai> >>> <http://www.facebook.com/AkamaiTechnologies> >>> <http://www.linkedin.com/company/akamai-technologies> >>> <http://www.youtube.com/user/akamaitechnologies?feature=results_main> >>> >>> On May 21, 2021, at 11:56 AM, Ezeh Victor <vickeyzed...@gmail.com> >>> wrote: >>> >>> Hi Ludovic, >>> >>> I can reach the PF management interface as shown below; >>> >>> <image.png> >>> >>> On Fri, 21 May 2021 at 16:40, Zammit, Ludovic <luza...@akamai.com> >>> wrote: >>> >>>> Ping the DNS name, can you reach the PF management interface ? >>>> >>>> Thanks, >>>> >>>> *Ludovic Zammit* >>>> *Product Support Engineer Principal* >>>> *Cell:* +1.613.670.8432 >>>> Akamai Technologies - Inverse >>>> 145 Broadway >>>> Cambridge, MA 02142 >>>> Connect with Us: <https://community.akamai.com/> >>>> <http://blogs.akamai.com/> >>>> <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!E56aE4ee-NtHDi-SckGp2FeG6-_C_nCitrQEVyw3t4IAojMdFvs0DewBEWd34A$> >>>> <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!E56aE4ee-NtHDi-SckGp2FeG6-_C_nCitrQEVyw3t4IAojMdFvs0DexOrGCc5w$> >>>> <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!E56aE4ee-NtHDi-SckGp2FeG6-_C_nCitrQEVyw3t4IAojMdFvs0Dexcwaotrw$> >>>> <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!E56aE4ee-NtHDi-SckGp2FeG6-_C_nCitrQEVyw3t4IAojMdFvs0Dez-odDWYA$> >>>> >>>> On May 21, 2021, at 9:33 AM, Ezeh Victor <vickeyzed...@gmail.com> >>>> wrote: >>>> >>>> Hi Ludovic, >>>> >>>> Thank you. You were right. >>>> >>>> The internal radius service was up and I had to stop it >>>> <image.png> >>>> >>>> <image.png> >>>> >>>> I restarted the radius service on PF and it came up; >>>> <image.png> >>>> >>>> <image.png> >>>> >>>> The challenge now is that the captive portal is still not available but >>>> this time, the browser tries to go the URL of the captive portal when a >>>> user connects as shown below; >>>> <image.png> >>>> >>>> The Haproxy-portal and httpd-portal services are up and running as >>>> shown below; >>>> >>>> <image.png> >>>> >>>> <image.png> >>>> >>>> >>>> Is there any other dependency I should review? >>>> >>>> On Fri, 21 May 2021 at 13:59, Zammit, Ludovic <luza...@akamai.com> >>>> wrote: >>>> >>>>> It looks like you have another radius process running. >>>>> >>>>> bin/pfcmd service pf stop >>>>> >>>>> ps -edf | grep radiusd >>>>> >>>>> pkill -f -9 radiusd >>>>> >>>>> bin/pfcmd service pf start >>>>> >>>>> See if it fixes it, otherwise look at the radiusd log to see what’s >>>>> going on. >>>>> >>>>> radiusd -d /usr/local/pf/raddb -n auth -CX >>>>> >>>>> Thanks, >>>>> >>>>> *Ludovic Zammit* >>>>> *Product Support Engineer Principal* >>>>> *Cell:* +1.613.670.8432 >>>>> Akamai Technologies - Inverse >>>>> 145 Broadway >>>>> Cambridge, MA 02142 >>>>> Connect with Us: <https://community.akamai.com/> >>>>> <http://blogs.akamai.com/> >>>>> <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!GD1Y1VN7hlfRxpFUozPldn0PUiUN1_-qy4jFAuM1puSQI_BAYDYelx7rvFZ_4A$> >>>>> <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!GD1Y1VN7hlfRxpFUozPldn0PUiUN1_-qy4jFAuM1puSQI_BAYDYelx64xH5k5w$> >>>>> <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!GD1Y1VN7hlfRxpFUozPldn0PUiUN1_-qy4jFAuM1puSQI_BAYDYelx7x4pBIPA$> >>>>> <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!GD1Y1VN7hlfRxpFUozPldn0PUiUN1_-qy4jFAuM1puSQI_BAYDYelx4SdnhE_g$> >>>>> >>>>> On May 21, 2021, at 5:44 AM, Ezeh Victor <vickeyzed...@gmail.com> >>>>> wrote: >>>>> >>>>> Hi Ludovic, >>>>> >>>>> Further checks revealed this; >>>>> <image.png> >>>>> >>>>> Attempted to start the radius service failed and there is no >>>>> information on the service using port 1812 that is hindering the service >>>>> from starting. >>>>> >>>>> On Fri, 21 May 2021 at 10:31, Ezeh Victor <vickeyzed...@gmail.com> >>>>> wrote: >>>>> >>>>>> Hi Ludovic, >>>>>> >>>>>> I have restarted all PF services, the hostname set to self-service, >>>>>> domain set to dangote-group.com >>>>>> <https://urldefense.com/v3/__http://dangote-group.com__;!!GjvTz_vk!G_FYqU73Hvd_S3hjH0pz2nsxM960sjT_m-Tnd-5fgLV9Lo-gA231JLR_UPUQbQ$> >>>>>> and the result is same. >>>>>> >>>>>> I checked Radius Logs and this is what I observed; >>>>>> <image.png> >>>>>> >>>>>> That is the reason why the service has refused to start as seen below; >>>>>> <image.png> >>>>>> >>>>>> Efforts to start the service have failed. Any ideas please as this is >>>>>> vital to the configuration as highlighted by PF >>>>>> >>>>>> At the moment, the SSL for Radius uses Let's Encrypt as seen below; >>>>>> <image.png> >>>>>> <image.png> >>>>>> >>>>>> And the HTTP SSL uses Godaddy; >>>>>> <image.png> >>>>>> >>>>>> Will this affect the response or redirection to the portal? >>>>>> >>>>>> On Thu, 20 May 2021 at 16:15, Zammit, Ludovic <luza...@akamai.com> >>>>>> wrote: >>>>>> >>>>>>> Keep that ACL and change the URL returned in the radius reply. >>>>>>> >>>>>>> Do you see the captive portal ? >>>>>>> >>>>>>> Restart all PF service once you changed the host and domain name. >>>>>>> >>>>>>> Thanks, >>>>>>> >>>>>>> *Ludovic Zammit* >>>>>>> *Product Support Engineer Principal* >>>>>>> *Cell:* +1.613.670.8432 >>>>>>> Akamai Technologies - Inverse >>>>>>> 145 Broadway >>>>>>> Cambridge, MA 02142 >>>>>>> Connect with Us: <https://community.akamai.com/> >>>>>>> <http://blogs.akamai.com/> >>>>>>> <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!G_FYqU73Hvd_S3hjH0pz2nsxM960sjT_m-Tnd-5fgLV9Lo-gA231JLRJkmCAIA$> >>>>>>> <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!G_FYqU73Hvd_S3hjH0pz2nsxM960sjT_m-Tnd-5fgLV9Lo-gA231JLRbtvD2jg$> >>>>>>> <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!G_FYqU73Hvd_S3hjH0pz2nsxM960sjT_m-Tnd-5fgLV9Lo-gA231JLRCjzGrVg$> >>>>>>> <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!G_FYqU73Hvd_S3hjH0pz2nsxM960sjT_m-Tnd-5fgLV9Lo-gA231JLRSbpIVUw$> >>>>>>> >>>>>>> On May 20, 2021, at 11:12 AM, Ezeh Victor <vickeyzed...@gmail.com> >>>>>>> wrote: >>>>>>> >>>>>>> Hi Ludovic, >>>>>>> >>>>>>> Reviewing the configuration on WLC, there is an ACL in use to >>>>>>> redirect users that connect to the SSID of interest to PF captive >>>>>>> portal; >>>>>>> <image.png> >>>>>>> >>>>>>> I cannot use the DNS name here like I did in PF but from my initial >>>>>>> response, the name resolves to the IP in the ACL which I believe should >>>>>>> work. >>>>>>> >>>>>>> Could this be the problem? >>>>>>> >>>>>>> On Thu, 20 May 2021 at 15:44, Ezeh Victor <vickeyzed...@gmail.com> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi Ludovic, >>>>>>>> >>>>>>>> Kindly find my observations below; >>>>>>>> >>>>>>>> After certificate installation, I still receive this; >>>>>>>> <image.png> >>>>>>>> >>>>>>>> Your recommendations were followed in your previous email and the >>>>>>>> config was changed to >>>>>>>> *https://self-service.dangote-group.com/Cisco::WLC >>>>>>>> <https://urldefense.com/v3/__https://self-service.dangote-group.com/Cisco::WLC__;!!GjvTz_vk!HrDX1Mox1tt24FNmEoFficJm4MvIuCLEM0jEgCeKrctu9xpKVLUVPqeKprbLQg$>* >>>>>>>> and this time around there was not even a prompt from the browser to >>>>>>>> go to >>>>>>>> the captive portal. >>>>>>>> >>>>>>>> Attempts to visit a site to trigger the captive portal only >>>>>>>> returned this; >>>>>>>> <image.jpeg> >>>>>>>> >>>>>>>> This is the dns resolution; >>>>>>>> <image.png> >>>>>>>> >>>>>>>> On Thu, 20 May 2021 at 14:25, Zammit, Ludovic <luza...@akamai.com> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> Hello Victor, >>>>>>>>> >>>>>>>>> <PastedGraphic-8.tiff> >>>>>>>>> >>>>>>>>> Here put the dns name of the portal: >>>>>>>>> https://self-service.dangote-group.com/Cisco::WLC >>>>>>>>> <https://urldefense.com/v3/__https://self-service.dangote-group.com/Cisco::WLC__;!!GjvTz_vk!HrDX1Mox1tt24FNmEoFficJm4MvIuCLEM0jEgCeKrctu9xpKVLUVPqeKprbLQg$> >>>>>>>>> >>>>>>>>> The issue now is to make sure that dns name revolves the PF >>>>>>>>> management interface either local IP or Public IP from the guest >>>>>>>>> (where the >>>>>>>>> device sits) network. >>>>>>>>> >>>>>>>>> Thanks, >>>>>>>>> >>>>>>>>> *Ludovic Zammit* >>>>>>>>> *Product Support Engineer Principal* >>>>>>>>> *Cell:* +1.613.670.8432 >>>>>>>>> Akamai Technologies - Inverse >>>>>>>>> 145 Broadway >>>>>>>>> Cambridge, MA 02142 >>>>>>>>> Connect with Us: <https://community.akamai.com/> >>>>>>>>> <http://blogs.akamai.com/> >>>>>>>>> <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!HrDX1Mox1tt24FNmEoFficJm4MvIuCLEM0jEgCeKrctu9xpKVLUVPqfwdi8GTA$> >>>>>>>>> <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!HrDX1Mox1tt24FNmEoFficJm4MvIuCLEM0jEgCeKrctu9xpKVLUVPqcdld1VvA$> >>>>>>>>> <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!HrDX1Mox1tt24FNmEoFficJm4MvIuCLEM0jEgCeKrctu9xpKVLUVPqfapp-Prg$> >>>>>>>>> <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!HrDX1Mox1tt24FNmEoFficJm4MvIuCLEM0jEgCeKrctu9xpKVLUVPqdXqzAMUA$> >>>>>>>>> >>>>>>>>> On May 20, 2021, at 9:21 AM, Ezeh Victor <vickeyzed...@gmail.com> >>>>>>>>> wrote: >>>>>>>>> >>>>>>>>> Hi Ludovic, >>>>>>>>> >>>>>>>>> Let me kindly explain the scenario here....... >>>>>>>>> >>>>>>>>> The PF server's internal IP is *172.31.2.89* and resolves >>>>>>>>> internally to *self-service.dangote-group.com >>>>>>>>> <https://urldefense.com/v3/__http://self-service.dangote-group.com__;!!GjvTz_vk!DpjgWo5gP1LIs1voosgx1XXcF6o5Eymyy_GJIIElLnneSnYkbBldTzwgo0Br6w$>* >>>>>>>>> . >>>>>>>>> >>>>>>>>> We needed Sponsors to be able to approve guest requests over the >>>>>>>>> internet without the need for VPN, so a public DNS mapping was done >>>>>>>>> for the >>>>>>>>> same name to *80.88.10.20* to make that happen. >>>>>>>>> >>>>>>>>> The hostname of PF server is; >>>>>>>>> >>>>>>>>> <image.png> >>>>>>>>> >>>>>>>>> There is no special configuration for web authentication re-direct >>>>>>>>> as the default setup for the captive portal is being used. >>>>>>>>> >>>>>>>>> This is the switch config; >>>>>>>>> <image.png> >>>>>>>>> >>>>>>>>> Should I change the IP information for the registration URL to the >>>>>>>>> public IP? >>>>>>>>> >>>>>>>>> On Thu, 20 May 2021 at 12:34, Zammit, Ludovic <luza...@akamai.com> >>>>>>>>> wrote: >>>>>>>>> >>>>>>>>>> I’m no mastermind but self-service.dangote-group.com >>>>>>>>>> <https://urldefense.com/v3/__http://self-service.dangote-group.com__;!!GjvTz_vk!DpjgWo5gP1LIs1voosgx1XXcF6o5Eymyy_GJIIElLnneSnYkbBldTzwgo0Br6w$> >>>>>>>>>> is >>>>>>>>>> different from 172.31.2.89. >>>>>>>>>> >>>>>>>>>> Make sure that you have the correct hostname and domain under >>>>>>>>>> Configuration > System Configuration > General configuration >>>>>>>>>> >>>>>>>>>> If you are using web auth redirection change your URL as well >>>>>>>>>> either from the switch config in PF or the switch / controller >>>>>>>>>> itself. >>>>>>>>>> >>>>>>>>>> Thanks, >>>>>>>>>> >>>>>>>>>> *Ludovic Zammit* >>>>>>>>>> *Product Support Engineer Principal* >>>>>>>>>> *Cell:* +1.613.670.8432 >>>>>>>>>> Akamai Technologies - Inverse >>>>>>>>>> 145 Broadway >>>>>>>>>> Cambridge, MA 02142 >>>>>>>>>> Connect with Us: <https://community.akamai.com/> >>>>>>>>>> <http://blogs.akamai.com/> >>>>>>>>>> <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!DpjgWo5gP1LIs1voosgx1XXcF6o5Eymyy_GJIIElLnneSnYkbBldTzyyXBe2sA$> >>>>>>>>>> <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!DpjgWo5gP1LIs1voosgx1XXcF6o5Eymyy_GJIIElLnneSnYkbBldTzxMMvUVXw$> >>>>>>>>>> <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!DpjgWo5gP1LIs1voosgx1XXcF6o5Eymyy_GJIIElLnneSnYkbBldTzw4ZKXRvA$> >>>>>>>>>> <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!DpjgWo5gP1LIs1voosgx1XXcF6o5Eymyy_GJIIElLnneSnYkbBldTzxdUL6X1A$> >>>>>>>>>> >>>>>>>>>> On May 19, 2021, at 6:26 PM, Ezeh Victor <vickeyzed...@gmail.com> >>>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>> Hi Ludovic, >>>>>>>>>> >>>>>>>>>> Thank you. >>>>>>>>>> >>>>>>>>>> The Let's Encrypt option was successful as seen below and the >>>>>>>>>> haproxy-admin service was restarted >>>>>>>>>> >>>>>>>>>> <image.png> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> When users try tried to access the captive portal, it was stuck >>>>>>>>>> on this page. >>>>>>>>>> >>>>>>>>>> <image.png> >>>>>>>>>> >>>>>>>>>> All PF services were stopped and started again and users could no >>>>>>>>>> longer access the page above that will enable them to access the >>>>>>>>>> captive >>>>>>>>>> portal. >>>>>>>>>> >>>>>>>>>> kindly assist as this will affect users by resumption. >>>>>>>>>> >>>>>>>>>> On Wed, 19 May 2021 at 20:35, Zammit, Ludovic <luza...@akamai.com> >>>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>>> The let’s encrypt integration with PF is pretty simple, it’s >>>>>>>>>>> baed of the HTTP challenge. >>>>>>>>>>> >>>>>>>>>>> If you want to use let’s encrypt service, your DNS name >>>>>>>>>>> self-service.dangote-group.con needs to resolve a public IP address >>>>>>>>>>> that is >>>>>>>>>>> bind to the management interface over 443 and 80. >>>>>>>>>>> >>>>>>>>>>> Thanks, >>>>>>>>>>> >>>>>>>>>>> *Ludovic Zammit* >>>>>>>>>>> *Product Support Engineer Principal* >>>>>>>>>>> *Cell:* +1.613.670.8432 >>>>>>>>>>> Akamai Technologies - Inverse >>>>>>>>>>> 145 Broadway >>>>>>>>>>> Cambridge, MA 02142 >>>>>>>>>>> Connect with Us: <https://community.akamai.com/> >>>>>>>>>>> <http://blogs.akamai.com/> >>>>>>>>>>> <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!G9vGOTkM6sqOIWJGYig9QvaqBKePkEkTKYSjwBMaDI-M06He7AhwSM7HPuJdbQ$> >>>>>>>>>>> <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!G9vGOTkM6sqOIWJGYig9QvaqBKePkEkTKYSjwBMaDI-M06He7AhwSM5_CpBuXg$> >>>>>>>>>>> <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!G9vGOTkM6sqOIWJGYig9QvaqBKePkEkTKYSjwBMaDI-M06He7AhwSM7Jgb9D1g$> >>>>>>>>>>> <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!G9vGOTkM6sqOIWJGYig9QvaqBKePkEkTKYSjwBMaDI-M06He7AhwSM7Q7-BCow$> >>>>>>>>>>> >>>>>>>>>>> On May 19, 2021, at 1:29 PM, Ezeh Victor <vickeyzed...@gmail.com> >>>>>>>>>>> wrote: >>>>>>>>>>> >>>>>>>>>>> HIi, >>>>>>>>>>> >>>>>>>>>>> My packetfence version is v10.2.0. >>>>>>>>>>> >>>>>>>>>>> I tried using the GUI to upload the required files. >>>>>>>>>>> >>>>>>>>>>> 1. the private key generated when generating a .csr file was >>>>>>>>>>> used in conjunction with the .crt file and this was the error >>>>>>>>>>> message >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> <image.png> >>>>>>>>>>> >>>>>>>>>>> Generating the .csr from the GUI does not generate a private key >>>>>>>>>>> to be used in filling the data requirements. >>>>>>>>>>> >>>>>>>>>>> How can I tackle this? >>>>>>>>>>> >>>>>>>>>>> Also, trying out the let's encrypt option gives this error when >>>>>>>>>>> testing public access >>>>>>>>>>> >>>>>>>>>>> <image.png> >>>>>>>>>>> >>>>>>>>>>> What is the procedure to use either? >>>>>>>>>>> >>>>>>>>>>> On Wed, 19 May 2021 at 13:00, Zammit, Ludovic < >>>>>>>>>>> luza...@akamai.com> wrote: >>>>>>>>>>> >>>>>>>>>>>> Hello, >>>>>>>>>>>> >>>>>>>>>>>> Which PacketFence version are you using ? If it’s a version > >>>>>>>>>>>> v10 use the GUI for it, otherwise, the server.pem is a bundle of : >>>>>>>>>>>> server.key server.crt and intermediates if any. >>>>>>>>>>>> >>>>>>>>>>>> Thanks, >>>>>>>>>>>> >>>>>>>>>>>> *Ludovic Zammit* >>>>>>>>>>>> *Product Support Engineer Principal* >>>>>>>>>>>> *Cell:* +1.613.670.8432 >>>>>>>>>>>> Akamai Technologies - Inverse >>>>>>>>>>>> 145 Broadway >>>>>>>>>>>> Cambridge, MA 02142 >>>>>>>>>>>> Connect with Us: <https://community.akamai.com/> >>>>>>>>>>>> <http://blogs.akamai.com/> >>>>>>>>>>>> <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!EcqHJUqV-wetV_DNm6yHnvvryi_qAFOdRAAcDbLbwCFp561F3FVPuGjCi8Wzbg$> >>>>>>>>>>>> <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!EcqHJUqV-wetV_DNm6yHnvvryi_qAFOdRAAcDbLbwCFp561F3FVPuGi5eEi6EA$> >>>>>>>>>>>> <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!EcqHJUqV-wetV_DNm6yHnvvryi_qAFOdRAAcDbLbwCFp561F3FVPuGjd3VOgFg$> >>>>>>>>>>>> <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!EcqHJUqV-wetV_DNm6yHnvvryi_qAFOdRAAcDbLbwCFp561F3FVPuGg54xdavA$> >>>>>>>>>>>> >>>>>>>>>>>> On May 19, 2021, at 4:23 AM, Ezeh Victor via PacketFence-users < >>>>>>>>>>>> packetfence-users@lists.sourceforge.net> wrote: >>>>>>>>>>>> >>>>>>>>>>>> Hi, >>>>>>>>>>>> >>>>>>>>>>>> I have been having an issue using a third-party SSL certificate >>>>>>>>>>>> on PF for the captive portal. >>>>>>>>>>>> >>>>>>>>>>>> Based on the documentation, the directive was to change the >>>>>>>>>>>> server.crt and server.key files in the /usr/local/pf/conf/ssl/ >>>>>>>>>>>> folder. >>>>>>>>>>>> >>>>>>>>>>>> I generated the server.csr file using *openssl req -new >>>>>>>>>>>> -newkey rsa:2048 -nodes -keyout server.key -out server.csr*. >>>>>>>>>>>> command >>>>>>>>>>>> >>>>>>>>>>>> I renamed the corresponding files to server.crt and server.pem >>>>>>>>>>>> and copied them to the /usr/local/pf/conf/ssl/ folder and included >>>>>>>>>>>> the >>>>>>>>>>>> server.key file generated during the server.csr generation. >>>>>>>>>>>> >>>>>>>>>>>> After doing this, I restarted the haproxy portal for the change >>>>>>>>>>>> to take effect and it failed until I replace the server.pem file >>>>>>>>>>>> with the >>>>>>>>>>>> original one. >>>>>>>>>>>> >>>>>>>>>>>> Please I need assistance with this. >>>>>>>>>>>> >>>>>>>>>>>> What am I missing? >>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>> PacketFence-users mailing list >>>>>>>>>>>> PacketFence-users@lists.sourceforge.net >>>>>>>>>>>> >>>>>>>>>>>> https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!C54N4JbJxSylz8oux_xKUlZBH1GUAKLr-30v-tBM_yic5PBVVZ9_bOER9HTRj4iI$ >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>> >>>>> >>>> >>>
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
