Hi, > > When I start it for the first time, it builds all of the 'fake' certs okay > > and runs properly. > > > > (I am not sure if this would be an OpenSSL error or FreeRADIUS error. > > What would you think the best way to troubleshoot this would be? > > Or do you have any helpful hints?) > > > > However, when I attempt to build real certs, I see the following:
snip - tot he bit of config that concerns me > > pem_file_type = yes > > private_key_file = "/usr/local/etc/raddb/certs/server.pem" > > certificate_file = "/usr/local/etc/raddb/certs/server.pem" snip to the error > > rlm_eap: SSL error error:06065064:digital envelope > > routines:EVP_DecryptFinal_ex:bad decrypt > > rlm_eap_tls: Error reading private key file > > /usr/local/etc/raddb/certs/server.pem > > rlm_eap: Failed to initialize type tls yep. you've put a PEM file as the key file - is this key file the file you really want? normally you'd give it a key file (look at the working out of the box files.. the key file will start -----BEGIN RSA PRIVATE KEY----- the pem (certificate file) will start -----BEGIN CERTIFICATE----- alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
