Error in Creating Certificates for EAP in Freeradius

Asked 19/6, 2016 at 11:46 Answered 28/4, 2019 at 7:54

I'm working on creating certificate for eap-tls so i can add this certificate to mobile and then mobile can access the access point without using username or password

I follow the documentation on README in radiusd/certs

So i run make ca.pem to create Root Certificate , and run make server.pem to create Server Certificate

Then run radiusd -X but I have this error:

Failed reading private key file /etc/raddb/certs/server.pem:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
rlm_eap_tls: Failed initializing SSL context
rlm_eap (EAP): Failed to initialise rlm_eap_tls
/etc/raddb/mods-enabled/eap[17]: Instantiation failed for module "eap"

January answered 19/6, 2016 at 11:46 Comment(0)

I found where is the problem after 3 days of searching

In file mods-enable/eap

I have to set the password for private_key_password = radius

To be like the password in file server.cnf

[ req ]
prompt          = no
distinguished_name  = server
default_bits        = 2048
input_password      = radius
output_password     = radius

January answered 23/6, 2016 at 9:49 Comment(0)

I have this issue when I install freeradius to fedora 29

I solve it by

  
cd  /etc/raddb/certs
./bootstrap

Betteanne answered 28/4, 2019 at 7:54 Comment(0)

I found where is the problem after 3 days of searching

In file mods-enable/eap

I have to set the password for private_key_password = radius

To be like the password in file server.cnf

[ req ]
prompt          = no
distinguished_name  = server
default_bits        = 2048
input_password      = radius
output_password     = radius

January answered 23/6, 2016 at 9:49 Comment(0)

Recommended topics

Hot tags