Hello Simon,
On Tue, 18 Nov 2003 04:19 am, Simon Gao wrote: > Hi, > > I am trying to use EAP TLS for user authentication. But I run into this > error on the server. This errors happend both to self-signed certifcate > with XP extention (generated using OpenSSL 0.9.7c) and the sample test > certificates. The envrionement is Redhat 9.0, OpenSSL 0.9.7c, Radiator > 3.7.1. > > Any help is appreciated. I suspect that either 1. the server_key.pem file is not really in PEM format. 2. EAPTLS_PrivateKeyPassword is set incorrectly, so openssl cannot decrypt it the private key properly. Probably the second is the most likely. Hope that helps. Cheers. > > Simon Gao > > > Fri Nov 14 10:37:41 2003: ERR: TLS could not use_PrivateKey_file > %D/cert/server_key.pem, 1: 11051: 1 - error:0906D06C:PEM > routines:PEM_read_bio:no start > line > 11051: 2 - error:0D06B078:asn1 encoding routines:ASN1_get_object:header > too long > 11051: 3 - error:0D09D082:asn1 encoding routines:d2i_RSAPrivateKey:parsing > 11051: 4 - error:0D09B00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib > 11051: 5 - error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib > 11051: 6 - error:140B0009:SSL > routines:SSL_CTX_use_PrivateKey_file:missing asn1 eos > > Fri Nov 14 10:37:41 2003: DEBUG: EAP result: 1, EAP TLS Could not > initialise context > Fri Nov 14 10:37:41 2003: INFO: Access rejected for sgao: EAP TLS Could > not initialise context > Fri Nov 14 10:37:41 2003: INFO: Access rejected for sgao: EAP TLS Could > not initialise context > > > > > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
