Error en FreeRadius
Hola estoy configurando el servidor de FreeRadius:
Cuando le añadí el tipo de autentificación con eap (peap) para que soporte
el mschapv2, para poder autentificar a Windows XP, me pide que añade el
soporte EAP-TLS, con lo que lo hice. Ahora me da el siguiente error:
>>Module: Loaded eap
>> eap: default_eap_type = "peap"
>> eap: timer_expire = 60
>> eap: ignore_unknown_eap_types = no
>> eap: cisco_accounting_username_bug = no
>> tls: rsa_key_exchange = no
>> tls: dh_key_exchange = yes
>> tls: rsa_key_length = 512
>> tls: dh_key_length = 512
>> tls: verify_depth = 0
>> tls: CA_path = "(null)"
>> tls: pem_file_type = yes
>> tls: private_key_file = "/usr/local/etc/raddb/certs/cert-srv.pem"
>> tls: certificate_file = "/usr/local/etc/raddb/certs/cert-srv.pem"
>> tls: CA_file = "/usr/local/etc/raddb/certs/demoCA/cacert.pem"
>> tls: private_key_password = "wathever"
>> tls: dh_file = "/usr/local/etc/raddb/certs/dh"
>> tls: random_file = "/usr/local/etc/raddb/certs/random"
>> tls: fragment_size = 1024
>> tls: include_length = yes
>> tls: check_crl = yes
>> tls: check_cert_cn = "(null)"
>>4160:error:0906D06C:PEM routines:PEM_read_bio:no start
line:pem_lib.c:632:Expecting: CERTIFICATE
>>4160:error:06065064:digital envelope routines:EVP_DecryptFinal:bad
decrypt:evp_enc.c:438:
>>4160:error:0906A065:PEM routines:PEM_do_header:bad decrypt:pem_lib.c:421:
>>4160:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM
lib:ssl_rsa.c:707:
>>rlm_eap_tls: Error reading private key file
>>rlm_eap: Failed to initialize type tls
>>radiusd.conf[9]: eap: Module instantiation failed.
Llevo varios días viendo el porqué pero no consigo averiguarlo. He seguido
un montón de manuales, HOW-TO, etc.
Un saludo a todos.
Reply to: