On Fri, Feb 12, 2010 at 11:55:08PM +0100, Josip Rodin wrote:
> On Fri, Feb 12, 2010 at 09:21:00PM +0100, Michael Schwartzkopff wrote:
> > Package: freeradius
> > Version: 2.1.8+dfsg-1
> > Severity: important
> >
> > Installin freeradius-2.1.8 from testing repository on a plain debian lenny
> > and
> > starting /usr/sbin/freeradius -X results in the following error:
> > (...)
> > rlm_eap: SSL error error:02001002:system library:fopen:No such file or
> > directory
> > rlm_eap_tls: Error reading Trusted root CA list /etc/freeradius/certs/ca.pem
> > rlm_eap: Failed to initialize type tls
> > /etc/freeradius/eap.conf[17]: Instantiation failed for module "eap"
> > (...)
> >
> > It seems that there is no ca.pem file in /etc/ssl/certs/
> >
> > This certificate is installed only by the packge ca-certificates which is
> > NOT
> > installed. freeradius should depend on this package so the certificates are
> > also installed.
>
> D'oh. And here I was thinking the dependency on ssl-cert will be sufficient.
> It'll be added, thanks for the report.
Hmm, as it turns out, that is a symlink not to the general ca-certificates
database but to a specific debconf.org CA. In the meantime upstream started
warning against using *any* generic CAs.
Thoughts are welcome...
--
2. That which causes joy or happiness.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
