Hola estoy configurando el servidor de FreeRadius: Cuando le añadí el tipo de autentificación con eap (peap) para que soporte el mschapv2, para poder autentificar a Windows XP, me pide que añade el soporte EAP-TLS, con lo que lo hice. Ahora me da el siguiente error:
>>Module: Loaded eap >> eap: default_eap_type = "peap" >> eap: timer_expire = 60 >> eap: ignore_unknown_eap_types = no >> eap: cisco_accounting_username_bug = no >> tls: rsa_key_exchange = no >> tls: dh_key_exchange = yes >> tls: rsa_key_length = 512 >> tls: dh_key_length = 512 >> tls: verify_depth = 0 >> tls: CA_path = "(null)" >> tls: pem_file_type = yes >> tls: private_key_file = "/usr/local/etc/raddb/certs/cert-srv.pem" >> tls: certificate_file = "/usr/local/etc/raddb/certs/cert-srv.pem" >> tls: CA_file = "/usr/local/etc/raddb/certs/demoCA/cacert.pem" >> tls: private_key_password = "wathever" >> tls: dh_file = "/usr/local/etc/raddb/certs/dh" >> tls: random_file = "/usr/local/etc/raddb/certs/random" >> tls: fragment_size = 1024 >> tls: include_length = yes >> tls: check_crl = yes >> tls: check_cert_cn = "(null)" >>4160:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:632:Expecting: CERTIFICATE >>4160:error:06065064:digital envelope routines:EVP_DecryptFinal:bad decrypt:evp_enc.c:438: >>4160:error:0906A065:PEM routines:PEM_do_header:bad decrypt:pem_lib.c:421: >>4160:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:707: >>rlm_eap_tls: Error reading private key file >>rlm_eap: Failed to initialize type tls >>radiusd.conf[9]: eap: Module instantiation failed. Llevo varios días viendo el porqué pero no consigo averiguarlo. He seguido un montón de manuales, HOW-TO, etc. Un saludo a todos.
