freeradius problem - ephemeral RSA key generation

Kapetanakis Giannis Tue, 30 Dec 2014 09:22:50 -0800

Hi,

After upgrading to latest snapshot I have problems with freeradius 2.2.5package not starting.


Especially the problem occurs in loading of module eap-tls

rlm_eap_tls: Couldn't set ephemeral RSA key
rlm_eap: Failed to initialize type tls
/etc/raddb/eap.conf[17]: Instantiation failed for module "eap"

I've tried installing version 2.2.6 but I have the same problem.

The program fails at:
src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c

/*
 * Generate ephemeral RSA keys.
 */
static int generate_eph_rsa_key(SSL_CTX *ctx)
{
   RSA *rsa;

   rsa = RSA_generate_key(512, RSA_F4, NULL, NULL);

   if (!SSL_CTX_set_tmp_rsa(ctx, rsa)) {
      radlog(L_ERR, "rlm_eap_tls: Couldn't set ephemeral RSA key");
      return -1;
   }

   RSA_free(rsa);
   return 0;
}

is this related to freeradius or something with OpenBSD ssl libraries?

regards,

Giannis

freeradius problem - ephemeral RSA key generation

Reply via email to