Project

General

Profile

Actions

Bug #7491

closed

freeradius2 (1.7.8) incorrect ca+crl pem file output format

Added by Luca Moncelli over 7 years ago. Updated over 7 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Package System
Target version:
-
Start date:
04/23/2017
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4
Affected Architecture:
amd64

Description

release 2.4.0.b.20170422.1955

configuring eap-tls ca and crl produce pem file output ( /usr/local/etc/raddb/certs/ca_cert.pem ) like this:

-----BEGIN CERTIFICATE-----
here my ca certificate.......
-----END CERTIFICATE----------BEGIN X509 CRL-----
here my crl certificate......
-----END X509 CRL-----

instead of this that should be:
-----BEGIN CERTIFICATE-----
here my ca certificate.......
-----END CERTIFICATE-----
-----BEGIN X509 CRL-----
here my crl certificate......
-----END X509 CRL-----

missing "cr" (carriage return) at the bottom of ca cert

this results in radius service stopping with error:

/usr/local/etc/raddb/sites-enabled/default[263]: Errors parsing authenticate section

and you can't re-start it....
you need to manual edit the ca_cert.pem file, insert the missing "cr" and... radius service can start regularly

Actions

Also available in: Atom PDF