|
Hi All, I am following notes at following link to implement EAP/TTLS
with FREERADIUS. http://rbirri.9online.fr/howto/Freeradius_+_TTLS.html Alan U’r suggestion to pick up latest snapshot did worked
and I could compile TTLS under src/modules/rlm_eap/types/rlm_eap_ttls/ I also managed to create SSL certificates using CA.all Now when I try to start radius as “radiusd –Xp” I
receive following error ---- Please enter the following 'extra' attributes to be sent with your
certificate request A challenge password []:sagardba An optional company name []:bt_linux + openssl
ca -policy policy_anything -out newcert.pem
-passin pass:whatever -key
whatever -extensions xpserver_ext -extfile xpextensions -infiles newreq.pem Using configuration from /usr/local/ssl/openssl.cnf Check that the request matches the signature Signature ok Certificate Details:
Serial Number: 2 (0x2)
Validity
Not Before: Feb 19
Not After : Feb 18
Subject:
countryName
=
stateOrProvinceName =
localityName
= ipswich
organizationName
= bt_linux
organizationalUnitName = fasttrack
commonName
= bt_linux
emailAddress =
[EMAIL PROTECTED]
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication Certificate is to be certified until Feb 18 Sign the certificate? [y/n]:y failed to update
database TXT_DB error number 2 + openssl
pkcs12 -export -in newcert.pem -inkey
newreq.pem -out cert-srv.p12 -clcerts
-passin pass:whatever -passout pass:whatever No certificate matches private key + openssl
pkcs12 -in cert-srv.p12 -out cert-srv.pem -passin pass:whatever -passout pass:whatever 9458:error:0D07207B:asn1 encoding
routines:ASN1_get_object:header too long:asn1_lib.c:140: + openssl
x509 -inform PEM -outform DER -in cert-srv.pem -out cert-srv.der unable to load certificate 9459:error:0906D06C:PEM routines:PEM_read_bio:no start
line:pem_lib.c:632:Expecting: TRUSTED CERTIFICATE + echo -e
'\n\t\t##################\n'
################## Please help…. Best Regards, Sagar Patil |
