Hello.
I create mi certificate with openssl its version is openssl-0.9.7f-7.10.
The configuration from eap.conf is
eap {
default_eap_type = ttls
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
md5 {
}
tls {
private_key_password = whatever
private_key_file = /CA/cert-srv-key.pem
certificate_file = /CA/cert-srv.pem
CA_file = /CA/cacert.pem
dh_file = ${raddbdir}/certs/dh
random_file = ${raddbdir}/certs/random
}
ttls {
default_eap_type = md5
copy_request_to_tunnel = no
}
peap {
default_eap_type = mschapv2
}
mschapv2 {
}
}
=
When I run radiusd it show the followin mistake
recated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/lib
Module: Loaded exec
exec: wait = yes
exec: program = (null)
exec: input_pairs = request
exec: output_pairs = (null)
exec: packet_type = (null)
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = crypt
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = (null)
mschap: authtype = MS-CHAP
mschap: ntlm_auth = (null)
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = (null)
unix: shadow = (null)
unix: group = (null)
unix: radwtmp = /var/log/radius/radwtmp
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = md5
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = (null)
tls: pem_file_type = yes
tls: private_key_file = /CA/cert-srv-key.pem
tls: certificate_file = /CA/cert-srv.pem
tls: CA_file = /CA/cacert.pem
tls: private_key_password = whatever
tls: dh_file = /etc/raddb/certs/dh
tls: random_file = /etc/raddb/certs/random
tls: fragment_size = 1024
tls: include_length = yes
tls: check_crl = no
tls: check_cert_cn = (null)
6592:error:0906D06C:PEM routines:PEM_read_bio:no start
line:pem_lib.c:642:Expecting: CERTIFICATE
6592:error:0906D06C:PEM routines:PEM_read_bio:no start
line:pem_lib.c:642:Expecting: CERTIFICATE
6592:error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM
lib:ssl_rsa.c:536:
rlm_eap_tls: Error reading certificate file
rlm_eap: Failed to initialize type tls
radiusd.conf[3]: eap: Module instantiation failed.
===
If any have the same problem and have the solution, write me.
This message was sent using IMP, the Internet Messaging Program.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
