1 (edited by yoositack 2015-02-12 15:49:22)

Topic: Problem with freeradius2

Hello. I have a problem with the RADIUS certificates. Here is the console output. Maybe there are other problems in there as well. I would really appreciate some help. I am in the process of getting to know OpenWRT. I would like to ask for some advice.


Thu Feb 12 15:44:41 2015 : Info: FreeRADIUS Version 2.2.0, for host mips-openwrt-linux-gnu, built on Mar 14 2013 at 12:58:49
Thu Feb 12 15:44:41 2015 : Info: Copyright (C) 1999-2012 The FreeRADIUS server project and contributors.
Thu Feb 12 15:44:41 2015 : Info: There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
Thu Feb 12 15:44:41 2015 : Info: PARTICULAR PURPOSE.
Thu Feb 12 15:44:41 2015 : Info: You may redistribute copies of FreeRADIUS under the terms of the
Thu Feb 12 15:44:41 2015 : Info: GNU General Public License v2.
Thu Feb 12 15:44:41 2015 : Info: Starting - reading configuration files ...
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/radiusd.conf
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/clients.conf
Thu Feb 12 15:44:41 2015 : Debug: including files in directory /etc/freeradius2/modules/
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/modules/pap
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/modules/chap
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/modules/echo
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/modules/exec
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/modules/radutmp
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/modules/files
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/modules/realm
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/modules/sradutmp
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/modules/attr_rewrite
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/modules/preprocess
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/modules/inner-eap
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/modules/detail
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/modules/mschap
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/eap.conf
Thu Feb 12 15:44:41 2015 : Debug: including files in directory /etc/freeradius2/sites/
Thu Feb 12 15:44:41 2015 : Debug: including configuration file /etc/freeradius2/sites/default
Thu Feb 12 15:44:41 2015 : Debug: main {
Thu Feb 12 15:44:41 2015 : Debug:       allow_core_dumps = no
Thu Feb 12 15:44:41 2015 : Debug: }
Thu Feb 12 15:44:41 2015 : Debug: including dictionary file /etc/freeradius2/dictionary
Thu Feb 12 15:44:41 2015 : Debug: main {
Thu Feb 12 15:44:41 2015 : Debug:       name = "radiusd"
Thu Feb 12 15:44:41 2015 : Debug:       prefix = "/usr"
Thu Feb 12 15:44:41 2015 : Debug:       localstatedir = "/var"
Thu Feb 12 15:44:41 2015 : Debug:       sbindir = "/usr/sbin"
Thu Feb 12 15:44:41 2015 : Debug:       logdir = "/var/log"
Thu Feb 12 15:44:41 2015 : Debug:       run_dir = "/var/run"
Thu Feb 12 15:44:41 2015 : Debug:       libdir = "/usr/lib/freeradius2"
Thu Feb 12 15:44:41 2015 : Debug:       radacctdir = "/var/db/radacct"
Thu Feb 12 15:44:41 2015 : Debug:       hostname_lookups = no
Thu Feb 12 15:44:41 2015 : Debug:       max_request_time = 30
Thu Feb 12 15:44:41 2015 : Debug:       cleanup_delay = 5
Thu Feb 12 15:44:41 2015 : Debug:       max_requests = 1024
Thu Feb 12 15:44:41 2015 : Debug:       pidfile = "/var/run/radiusd.pid"
Thu Feb 12 15:44:41 2015 : Debug:       checkrad = "/usr/sbin/checkrad"
Thu Feb 12 15:44:41 2015 : Debug:       debug_level = 0
Thu Feb 12 15:44:41 2015 : Debug:       proxy_requests = no
Thu Feb 12 15:44:41 2015 : Debug:  log {
Thu Feb 12 15:44:41 2015 : Debug:       stripped_names = no
Thu Feb 12 15:44:41 2015 : Debug:       auth = no
Thu Feb 12 15:44:41 2015 : Debug:       auth_badpass = no
Thu Feb 12 15:44:41 2015 : Debug:       auth_goodpass = no
Thu Feb 12 15:44:41 2015 : Debug:  }
Thu Feb 12 15:44:41 2015 : Debug:  security {
Thu Feb 12 15:44:41 2015 : Debug:       max_attributes = 200
Thu Feb 12 15:44:41 2015 : Debug:       reject_delay = 1
Thu Feb 12 15:44:41 2015 : Debug:       status_server = yes
Thu Feb 12 15:44:41 2015 : Debug:  }
Thu Feb 12 15:44:41 2015 : Debug: }
Thu Feb 12 15:44:41 2015 : Debug: radiusd: #### Loading Realms and Home Servers ####
Thu Feb 12 15:44:41 2015 : Debug: radiusd: #### Loading Clients ####
Thu Feb 12 15:44:41 2015 : Debug:  client localhost {
Thu Feb 12 15:44:41 2015 : Debug:       ipaddr = 192.168.1.1
Thu Feb 12 15:44:41 2015 : Debug:       require_message_authenticator = no
Thu Feb 12 15:44:41 2015 : Debug:       secret = "zaq1@WSX"
Thu Feb 12 15:44:41 2015 : Debug:       nastype = "other"
Thu Feb 12 15:44:41 2015 : Debug:  }
Thu Feb 12 15:44:41 2015 : Debug: radiusd: #### Instantiating modules ####
Thu Feb 12 15:44:41 2015 : Debug:  instantiate {
Thu Feb 12 15:44:41 2015 : Debug:  }
Thu Feb 12 15:44:41 2015 : Debug: radiusd: #### Loading Virtual Servers ####
Thu Feb 12 15:44:41 2015 : Debug: server { # from file /etc/freeradius2/radiusd.conf
Thu Feb 12 15:44:41 2015 : Debug:  modules {
Thu Feb 12 15:44:41 2015 : Debug:  Module: Checking authenticate {...} for more modules to load
Thu Feb 12 15:44:41 2015 : Debug:     (Loaded rlm_pap, checking if it's valid)
Thu Feb 12 15:44:41 2015 : Debug:  Module: Linked to module rlm_pap
Thu Feb 12 15:44:41 2015 : Debug:  Module: Instantiating module "pap" from file /etc/freeradius2/modules/pap
Thu Feb 12 15:44:41 2015 : Debug:   pap {
Thu Feb 12 15:44:41 2015 : Debug:       encryption_scheme = "auto"
Thu Feb 12 15:44:41 2015 : Debug:       auto_header = yes
Thu Feb 12 15:44:41 2015 : Debug:   }
Thu Feb 12 15:44:41 2015 : Debug:     (Loaded rlm_chap, checking if it's valid)
Thu Feb 12 15:44:41 2015 : Debug:  Module: Linked to module rlm_chap
Thu Feb 12 15:44:41 2015 : Debug:  Module: Instantiating module "chap" from file /etc/freeradius2/modules/chap
Thu Feb 12 15:44:41 2015 : Debug:     (Loaded rlm_mschap, checking if it's valid)
Thu Feb 12 15:44:41 2015 : Debug:  Module: Linked to module rlm_mschap
Thu Feb 12 15:44:41 2015 : Debug:  Module: Instantiating module "mschap" from file /etc/freeradius2/modules/mschap
Thu Feb 12 15:44:41 2015 : Debug:   mschap {
Thu Feb 12 15:44:41 2015 : Debug:       use_mppe = yes
Thu Feb 12 15:44:41 2015 : Debug:       require_encryption = no
Thu Feb 12 15:44:41 2015 : Debug:       require_strong = no
Thu Feb 12 15:44:41 2015 : Debug:       with_ntdomain_hack = no
Thu Feb 12 15:44:41 2015 : Debug:       allow_retry = yes
Thu Feb 12 15:44:41 2015 : Debug:   }
Thu Feb 12 15:44:41 2015 : Debug:     (Loaded rlm_eap, checking if it's valid)
Thu Feb 12 15:44:41 2015 : Debug:  Module: Linked to module rlm_eap
Thu Feb 12 15:44:41 2015 : Debug:  Module: Instantiating module "eap" from file /etc/freeradius2/eap.conf
Thu Feb 12 15:44:41 2015 : Debug:   eap {
Thu Feb 12 15:44:41 2015 : Debug:       default_eap_type = "peap"
Thu Feb 12 15:44:41 2015 : Debug:       timer_expire = 60
Thu Feb 12 15:44:41 2015 : Debug:       ignore_unknown_eap_types = no
Thu Feb 12 15:44:41 2015 : Debug:       cisco_accounting_username_bug = no
Thu Feb 12 15:44:41 2015 : Debug:       max_sessions = 4096
Thu Feb 12 15:44:41 2015 : Debug:   }
Thu Feb 12 15:44:41 2015 : Debug:  Module: Linked to sub-module rlm_eap_tls
Thu Feb 12 15:44:41 2015 : Debug:  Module: Instantiating eap-tls
Thu Feb 12 15:44:41 2015 : Debug:    tls {
Thu Feb 12 15:44:41 2015 : Debug:       rsa_key_exchange = no
Thu Feb 12 15:44:41 2015 : Debug:       dh_key_exchange = yes
Thu Feb 12 15:44:41 2015 : Debug:       rsa_key_length = 512
Thu Feb 12 15:44:41 2015 : Debug:       dh_key_length = 512
Thu Feb 12 15:44:41 2015 : Debug:       verify_depth = 0
Thu Feb 12 15:44:41 2015 : Debug:       CA_path = "/etc/freeradius2/certs"
Thu Feb 12 15:44:41 2015 : Debug:       pem_file_type = yes
Thu Feb 12 15:44:41 2015 : Debug:       private_key_file = "/etc/freeradius2/certs/server.pem"
Thu Feb 12 15:44:41 2015 : Debug:       certificate_file = "/etc/freeradius2/certs/server.pem"
Thu Feb 12 15:44:41 2015 : Debug:       CA_file = "/etc/freeradius2/certs/ca.pem"
Thu Feb 12 15:44:41 2015 : Debug:       private_key_password = "mki8&UJNbhy6"
Thu Feb 12 15:44:41 2015 : Debug:       dh_file = "/etc/freeradius2/certs/dh"
Thu Feb 12 15:44:41 2015 : Debug:       random_file = "/etc/freeradius2/certs/random"
Thu Feb 12 15:44:41 2015 : Debug:       fragment_size = 1024
Thu Feb 12 15:44:41 2015 : Debug:       include_length = yes
Thu Feb 12 15:44:41 2015 : Debug:       check_crl = no
Thu Feb 12 15:44:41 2015 : Debug:       cipher_list = "DEFAULT"
Thu Feb 12 15:44:41 2015 : Debug:     verify {
Thu Feb 12 15:44:41 2015 : Debug:     }
Thu Feb 12 15:44:41 2015 : Debug:     ocsp {
Thu Feb 12 15:44:41 2015 : Debug:       enable = no
Thu Feb 12 15:44:41 2015 : Debug:       override_cert_url = yes
Thu Feb 12 15:44:41 2015 : Debug:       url = "http://127.0.0.1/ocsp/"
Thu Feb 12 15:44:41 2015 : Debug:       use_nonce = yes
Thu Feb 12 15:44:41 2015 : Debug:       timeout = 0
Thu Feb 12 15:44:41 2015 : Debug:       softfail = no
Thu Feb 12 15:44:41 2015 : Debug:     }
Thu Feb 12 15:44:41 2015 : Debug:    }
Thu Feb 12 15:44:41 2015 : Error: rlm_eap: SSL error error:06065064:lib(6):func(101):reason(100)
Thu Feb 12 15:44:41 2015 : Error: rlm_eap_tls: Error reading private key file /etc/freeradius2/certs/server.pem
Thu Feb 12 15:44:41 2015 : Error: rlm_eap: Failed to initialize type tls
Thu Feb 12 15:44:41 2015 : Error: /etc/freeradius2/eap.conf[17]: Instantiation failed for module "eap"
Thu Feb 12 15:44:41 2015 : Error: /etc/freeradius2/sites/default[310]: Failed to find "eap" in the "modules" section.
Thu Feb 12 15:44:41 2015 : Error: /etc/freeradius2/sites/default[252]: Errors parsing authenticate section.


I know it's quite a lot. Please just point out the problem and steer me in the right direction somehow. I know something is wrong with the certificates, but I can't manage to sort it out.

2 (edited by g0f3r 2015-02-12 15:56:42)

Re: Problem with freeradius2

The private key doesn't happen to have a password, does it? Did you generate these certs yourself?

3 (edited by yoositack 2015-02-12 16:59:30)

Re: Problem with freeradius2

It has a password, and I downloaded the certs. I followed this guide: http://eko.one.pl/?p=openwrt-freeradius2

4

Re: Problem with freeradius2

Check whether the file etc/freeradius2/certs/server.pem physically exists.

Got a router you don't need, broken or not - I'll gladly give it a home.

5 (edited by yoositack 2015-02-12 17:06:44)

Re: Problem with freeradius2

It's there. It has content too.

http://zapodaj.net/256ea7cf38fa4.png.html

6

Re: Problem with freeradius2

Permissions?


7 (edited by yoositack 2015-02-12 17:14:26)

Re: Problem with freeradius2

All the files have root permissions

8 (edited by g0f3r 2015-02-13 07:51:03)

Re: Problem with freeradius2

Get rid of the password...

EDIT:
Although I don't know how the "democerts" behave, because I have never used ready-made ones. I know how e.g. openvpn behaves when you have a password on the private key - it simply cannot read it.
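
Added example, not part of the thread and not FreeRADIUS code: a shell sketch that runs the checks discussed above (file present, readable, key encrypted or not, passphrase accepted) and splits the packed error code from the `rlm_eap: SSL error` line. The function names, the `KEY_PASS` variable and the sample files are assumptions made for this illustration.

```shell
# Added example: triage a PEM file that a TLS server cannot load as its key.
# Classify the private-key block by its PEM header lines only.
key_state() {
    [ -e "$1" ] || { echo missing; return; }
    [ -r "$1" ] || { echo unreadable; return; }
    if grep -q -e '-----BEGIN ENCRYPTED PRIVATE KEY-----' "$1" ||
       grep -q '^Proc-Type: 4,ENCRYPTED' "$1"; then
        echo encrypted      # PKCS#8 or legacy PEM encryption: passphrase needed
    elif grep -q -e '-----BEGIN [A-Z ]*PRIVATE KEY-----' "$1"; then
        echo plain
    else
        echo no-key         # e.g. the file holds only a certificate
    fi
}

# Split a packed OpenSSL 1.0.x error code (8-bit lib, 12-bit func, 12-bit
# reason), i.e. the hex field of an "SSL error error:XXXXXXXX:..." log line.
decode_err() {
    c=$((0x$1))
    echo "lib=$((c >> 24)) func=$(( (c >> 12) & 0xFFF )) reason=$((c & 0xFFF))"
}

# True if OpenSSL can parse the key; for an encrypted key the passphrase is
# taken from $KEY_PASS so that it never appears in the process list.
key_loads() {
    if [ "$(key_state "$1")" = encrypted ]; then
        openssl pkey -in "$1" -passin env:KEY_PASS -noout >/dev/null 2>&1
    else
        openssl pkey -in "$1" -noout </dev/null >/dev/null 2>&1
    fi
}

# Constructed header-only stubs (no real key material) for a dry run.
make_samples() {
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' \
        'DEK-Info: DES-EDE3-CBC,0000000000000000' '' 'CONSTRUCTED' \
        '-----END RSA PRIVATE KEY-----' > "$1/legacy-enc.pem"
    printf '%s\n' '-----BEGIN PRIVATE KEY-----' 'CONSTRUCTED' \
        '-----END PRIVATE KEY-----' > "$1/plain.pem"
    printf '%s\n' '-----BEGIN CERTIFICATE-----' 'CONSTRUCTED' \
        '-----END CERTIFICATE-----' > "$1/cert-only.pem"
}

# Usage: sh keycheck.sh /path/to/key.pem   (set KEY_PASS for encrypted keys)
if [ -n "${1:-}" ]; then
    echo "$1: $(key_state "$1")"
    key_loads "$1" && echo "key loads" || echo "key does NOT load"
fi
```

In OpenSSL 1.0.x, lib 6 is the EVP library and its reason 100 is "bad decrypt", which is what a passphrase that does not match an encrypted key produces. A debug log that echoes `secret` and `private_key_password` discloses both values, so they should be replaced once such a log has been posted.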

9

Re: Problem with freeradius2

How do I generate certificates for freeradius?

10

Re: Problem with freeradius2

Same as any SSL ones, google for 10 s and you'll find it.