Hi David,
I believe 2048 could not be the issue (as you said because I am using
64 bit OS), this is about supporting sha256 algorithm either with
0.9.8h, or my Freeradius 2.0.5 (both are latest). Because sha1 works
well with my installation with even RSA 2048 key. And ofcourse, as per
my previous email it was evident that I am using 64 bit OS. Here is
the output of my working certs :
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:ae:e6:13:b6:3e:1c:63:39:eb:02:ef:7c:54:3f:9e
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=Motorola, Inc., OU=WiMAX Device Certificate Authority, C
N=Motorola WiMAX Device Root CA
Validity
Not Before: Jul 7 22:54:11 2006 GMT
Not After : Jul 7 22:54:11 2036 GMT
Subject: C=US, O=Motorola, Inc., OU=WiMAX Device Certificate Authority,
CN=Motorola WiMAX Device Root CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:a7:7c:24:7f:ff:7b:aa:88:c6:ea:af:7e:1d:f4:
bb:7d:ae:11:f0:27:72:61:9b:19:6e:b6:c8:1d:20:
aa:a9:52:34:41:87:f0:05:94:ad:c4:77:7b:93:08:
5c:29:8b:80:14:11:69:1c:4c:1d:39:cb:ff:30:9b:
62:9d:d7:78:07:43:71:7c:15:31:fa:79:2c:36:a1:
6b:d3:58:10:c2:8f:7c:91:20:1d:dc:9e:ea:10:55:
66:cf:95:1f:9a:aa:8d:e6:2f:e9:dd:de:07:5c:87:
17:77:0f:b4:26:d5:a4:c0:e9:09:8b:00:ec:f3:49:
6f:37:bf:ac:a7:f1:81:64:6d:ab:2c:32:2d:03:7c:
95:5b:8b:48:29:23:55:49:9b:df:bc:e2:26:4b:0f:
ef:9f:81:5d:a9:b4:f2:34:b2:9f:a4:72:9e:0c:2d:
d7:1d:7b:04:70:76:16:93:1e:7c:64:18:79:07:6d:
60:c9:e6:8c:10:73:94:0f:2e:a1:63:d9:38:61:6e:
5f:81:67:fe:39:3f:aa:47:26:14:30:0a:c4:c2:0b:
4c:b1:2f:15:cd:dc:79:79:a7:f0:2a:1f:15:c6:25:
cb:61:84:20:27:4d:48:44:9a:f2:47:f9:c7:b5:09:
db:d7:28:f5:28:2e:f2:cc:42:31:36:8a:95:dc:02:
22:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage:
Certificate Sign, CRL Sign
X509v3 Subject Key Identifier:
74:9F:F6:2C:2B:60:80:53:17:79:A0:39:6D:77:84:FD:BA:D8:88:65
X509v3 Basic Constraints: critical
CA:TRUE
On 8/14/08, Rafiqul Ahsan <[EMAIL PROTECTED]> wrote:
> Hi David,
>
> Thanks for your reply...I believe I am running Freeradius, and
> openssl0.9.8h on 64 bit OS. If you want I can post the certs output as
> well. Pls let me know. I need to make this working, and I have been
> working on this for last 2 weeks and seeing the same error.
>
> Here is the command used to verify :
>
> bash-3.00# isainfo -b
> 64
> bash-3.00# isainfo -v
> 64-bit sparcv9 applications
> vis2 vis
> 32-bit sparc applications
> vis2 vis v8plus div32 mul32
>
> Here is the machine I am using (v210) :
> bash-3.00# uname -a
> SunOS v210ap20 5.10 Generic_120011-14 sun4u sparc SUNW,Sun-Fire-V210
>
>
> On 8/14/08, David Johnston <[EMAIL PROTECTED]> wrote:
> > We saw these same errors in a WiMAX test network with Free Radius.
> >
> > Moving from an older 32 bit Fedora to a current 64 bit Fedora and the stock
> > freeradius and freeradius-util packages made it work and made the errors you
> > exhibit disappear.
> >
> > openssl0.9.8h manifestly does support the necessary algorithms. With WiMAX
> > certs (I assume from the logs, that is what you are using), you absolutely
> > do need a 64 bit installation due to the post 2038 dates in the root and
> > subordinate CA certs.
> >
> > DJ
> >
> >
>
>
> --
> Rafiqul Ahsan
>
--
Rafiqul Ahsan
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
