>> > When I start it for the first time, it builds all of the 'fake' certs >> okay >> > and runs properly. >> > >> > (I am not sure if this would be an OpenSSL error or FreeRADIUS error. >> > What would you think the best way to troubleshoot this would be? >> > Or do you have any helpful hints?) >> > >> > However, when I attempt to build real certs, I see the following: > > snip - tot he bit of config that concerns me > >> > pem_file_type = yes >> > private_key_file = "/usr/local/etc/raddb/certs/server.pem" >> > certificate_file = "/usr/local/etc/raddb/certs/server.pem" > > snip to the error > >> > rlm_eap: SSL error error:06065064:digital envelope >> routines:EVP_DecryptFinal_ex:bad decrypt >> > rlm_eap_tls: Error reading private key file >> /usr/local/etc/raddb/certs/server.pem >> > rlm_eap: Failed to initialize type tls >
You haven't created server certificate using one password and then entered differnt one in eap.conf? Check tha the password in .cnf file is the same as the one in eap.conf. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html