'Re: Version 3.0.20 has been released'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: Version 3.0.20 has been released
From:       Jorge Pereira <jpereira () freeradius ! org>
Date:       2019-11-25 16:23:24
Message-ID: 8AD3737F-55A4-48C3-943D-54D6CEB8801C () freeradius ! org
[Download RAW message or body]

Houman,

Try using: 

$ openssl dhparam -out /etc/freeradius/certs/dh 2048

----
Jorge Pereira
jpereira@freeradius.org


> On 22 Nov 2019, at 18:27, Houman <houmie@gmail.com> wrote:
> 
> Hi Matthew,
> 
> Thank you for confirming. I noticed there is no dh file in the certs folder
> anymore:
> 
> Nov 22 21:15:31 stag-2 freeradius[28702]: Unable to check file
> "/etc/freeradius/certs/dh": No such file or directory
> 
> So I copied the existing dh file from /etc/freeradius/3.0/certs/dh to
> /etc/freeradius/certs/dh
> 
> Nov 22 21:26:02 stag-2 freeradius[32109]: Please use tls_min_version and
> tls_max_version instead of disable_tlsv1
> Nov 22 21:26:02 stag-2 freeradius[32109]: Please use tls_min_version and
> tls_max_version instead of disable_tlsv1_2
> Nov 22 21:26:02 stag-2 freeradius[32109]: tls: Unable to open DH file -
> /etc/freeradius/certs/dh
> Nov 22 21:26:02 stag-2 freeradius[32109]: rlm_eap_tls: Failed initializing
> SSL context
> Nov 22 21:26:02 stag-2 freeradius[32109]: rlm_eap (EAP): Failed to
> initialise rlm_eap_tls
> Nov 22 21:26:02 stag-2 freeradius[32109]:
> /etc/freeradius/mods-enabled/eap[14]: Instantiation failed for module "eap"
> 
> I didn't create this dh file previously myself, how is it generated and do
> you know why is it now missing?
> 
> Thank you,
> Houman
> 
> 
> On Fri, 22 Nov 2019 at 21:11, Matthew Newton <mcn@freeradius.org> wrote:
> 
>> On Fri, 2019-11-22 at 20:57 +0000, Houman wrote:
>>> But Freeradius can no longer start. I believe the default path has
>>> now changed from "/etc/freeradius/3.0/ to "/etc/freeradius/. Can
>>> someone confirm this, please?
>> 
>> At some point Debian decided they were going to move the config from
>> /etc/freeradius to /etc/freeradius/3.0, so their packages are
>> different.
>> 
>>> Can I set the default path somewhere back to how it was to avoid
>>> having to move certs and configs around?
>> 
>> Easiest is probably to move all the files from /etc/freeradius/3.0 to
>> etc/freeradius, remove the unnecessary directory, and create a symlink
>> in case anything's still looking in the other location, something like
>> 
>>  mv /etc/freeradius/3.0/* /etc/freeradius/
>>  rmdir /etc/freeradius/3.0
>>  ln -s /etc/freeradius/3.0 /etc/freeradius
>> 
>> Or you can change where it looks for its config in
>> /etc/default/freeradius: add `-d /etc/freeradius/3.0` to the command
>> line args.
>> 
>> --
>> Matthew
>> 
>> 
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic