Alan, I feel extremely stupid even though I know I am not. Running radiusd -X command as a root gives me the following error message as I posted here yesterday; PS: I'm just posting last part of the output here. The full output can be seen at my previous email that I sent yesterday.
------------------------------------------------------------------------------------------------------------------------------- Module: Instantiating eap eap { default_eap_type = "peap" timer_expire = 60 ignore_unknown_eap_types = no cisco_accounting_username_bug = no } Module: Linked to sub-module rlm_eap_md5 Module: Instantiating eap-md5 Module: Linked to sub-module rlm_eap_leap Module: Instantiating eap-leap Module: Linked to sub-module rlm_eap_gtc Module: Instantiating eap-gtc gtc { challenge = "Password: " auth_type = "PAP" } Module: Linked to sub-module rlm_eap_tls Module: Instantiating eap-tls tls { rsa_key_exchange = no dh_key_exchange = yes rsa_key_length = 512 dh_key_length = 512 verify_depth = 0 pem_file_type = yes private_key_file = "/etc/raddb/certs/server.pem" certificate_file = "/etc/raddb/certs/server.pem" CA_file = "/etc/raddb/certs/ca.pem" private_key_password = "whatever" dh_file = "/etc/raddb/certs/dh" random_file = "/etc/raddb/certs/random" fragment_size = 1024 include_length = yes check_crl = no cipher_list = "DEFAULT" make_cert_command = "/etc/raddb/certs/bootstrap" } rlm_eap: SSL error error:0200100D:system library:fopen:Permission denied rlm_eap_tls: Error reading certificate file /etc/raddb/certs/server.pem rlm_eap: Failed to initialize type tls /etc/raddb/eap.conf[17]: Instantiation failed for module "eap" /etc/raddb/sites-enabled/default[252]: Failed to find module "eap". /etc/raddb/sites-enabled/default[199]: Errors parsing authenticate section. } } Errors initializing modules comp-010:/home/srn # --------------------------------------------------------------------------------------------------------------------- It says a 'permission denied' and you asked me earlier if I was running the command as a root, which the answer is yes. So, how can I overcome this problem? Thank you George On Thu, May 1, 2008 at 11:50 AM, Alan DeKok <[EMAIL PROTECTED]> wrote: > George KNIGHT wrote: > > Yes, I run all the commands as a root. Is this wrong? > > No. > > > When I run the bootstrap script, again, as a root, here is what I get; > > <sigh> You said it had errors. You need to show what those errors > are. Showing that it runs *without* errors doesn't help. > > > I will use the default certs for just testing purposes. Once I make this > > work with defaults ones, I will sure go ahead and create new > > certificates. But at this moment, all I want to see a working version > > of PEAP authentication in my test environment. > > Follow the instructions. It WILL work. > > - uncheck "validate server certificate" in Windows. > - add username/password to FreeRADIUS as per the FAQ > - start the server > - verify that PEAP works. > > That's what I do. It's not complicated. It doesn't require "special" > knowledge or experience. It really *is* that easy. > > Alan DeKok. > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html