Hello, I am using Packetfense v13.1 ZEN setup and trying to set up EAP-TLS wireless authentication using SCEP.
I am following the guide and when I get to the point to test the CA using the sscep tool, I get the following error: root@packetfence:/usr/local/pf/raddb/certs# sscep getca -u http://10.7.69.59/scep/usr_crt -c ./ca-prefix -i MyPKI -v -d sscep: starting sscep, version 0.9.0 sscep: new transaction sscep: transaction id: SSCEP transactionId sscep: hostname: 10.7.69.59 sscep: directory: scep/usr_crt sscep: port: 80 sscep: SCEP_OPERATION_GETCAPS sscep: scep request: GET /scep/usr_crt?operation=GetCACaps HTTP/1.1 Host: 10.7.69.59 Connection: close sscep: server response status code: 200, MIME header: text/plain sscep: scep caps bitmask: 0x04bb sscep: SCEP_OPERATION_GETCA sscep: scep request: GET /scep/usr_crt?operation=GetCACert&message=MyPKI HTTP/1.1 Host: 10.7.69.59 Connection: close sscep: server response status code: 200, MIME header: application/x-x509-ca-cert sscep: valid response from server 140644003884032:error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag:../crypto/asn1/tasn_dec.c:1149: 140644003884032:error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error:../crypto/asn1/tasn_dec.c:309:Type=X509 To me that seems like some sort of OpenSSL error. Any ideas on where to look next? Thank you -- Karl Peciulis IT Infrastructure Specialist KSD140
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users