I'm running freeradius and have EAP-TLS configured. Occasionally I
get this error after the process has been running fine for a while:
SSL error error:04077068:rsa routines:RSA_verify:bad signature
>From that point on, all certificate auth fails. Has anyone seen this
before? It's difficult
I applied the patch this morning and the server seems to be perfectly
stable, even under conditions with a bazillion simultaneous in-bound
connections. I'll keep an eye on it but I think your patch nailed the
problem.
Thanks!
On Aug 28, 2004, at 5:40 PM, Dr. Stephen Henson wrote:
I've attached
On Thu, Aug 26, 2004, Joseph Bruni wrote:
> I did as you suggested and dumped the CRL object from within the validation routine.
> Using the X509_STORE_CTX pointer passed in, I used the current_crl member to get
> to a X509_CRL pointer, and fed that to a PEM_write() routine.
>
> Interestingly, th
uot;Dr. Stephen Henson" <[EMAIL PROTECTED]>
Sent: Aug 26, 2004 2:44 PM
To: [EMAIL PROTECTED]
Subject: Re: CRL signature failure
On Thu, Aug 26, 2004, Joseph Bruni wrote:
> I wrote a bit earlier about a problem I'm having with regards to a server
> that is verifying client ce
_CTX goes bad and all new connection fail with the following error chain:
>
> X509_verify_cert_error_string() = CRL signature failure
>
> ### error:04077068:rsa routines:RSA_verify:bad signature ###
> error:0D089006:asn1 encoding routines:ASN1_verify:
error chain:
X509_verify_cert_error_string() = CRL signature failure
### error:04077068:rsa routines:RSA_verify:bad signature
### error:0D089006:asn1 encoding routines:ASN1_verify:EVP lib
### error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
Only by bouncing the pr
