[RADIATOR] RADSEC issue on Windows Server 2019

l.m.c.haverkotte at utwente.nl l.m.c.haverkotte at utwente.nl
Thu Oct 17 12:28:06 UTC 2019 

Hi,

I’ve been trying to enable a RADSEC connection between two Radiator servers (one running on linux, the other on Windows Server 2019 Datacenter), and I’m running into an issue while doing so on the windows end. I’m using the new msi installer for version 4.23.3.
After adding the very simple barebones ServerRADSEC clause shown below to my configuration:

<ServerRADSEC>
        Identifier UT-Backend-RADSEC
        Port 2083
        Protocol tcp
        Secret SomethingVerySecret

        UseTLS

        TLS_Protocols TLSv1.1,TLSv1.2
        TLS_CertificateType PEM
        TLS_CertificateFile %D/certs/cert.pem
        TLS_PrivateKeyFile %D/certs/key.pem

        TLS_Ciphers DEFAULT
</ServerRADSEC>

Radiator logs the following errors on startup:

DEBUG: Initialised SSL library: Net::SSLeay 1.85, OpenSSL 1.1.0i  14 Aug 2018
INFO: Using Net::SSLeay 1.85 with SSL/TLS library version 0x1010009f (OpenSSL 1.1.0i  14 Aug 2018)
DEBUG: SSL/TLS library and Net::SSLeay support set_default_passwd_cb and related functions
DEBUG: Radius::ServerRADSEC UT-Backend-RADSEC setting TLS protocols to: TLSv1.1 TLSv1.2
DEBUG: Radius::ServerRADSEC UT-Backend-RADSEC setting TLS_Ciphers to: DEFAULT
ERR: StreamTLS could not load_verify_locations , :  4100: 1 - error:25078067:DSO support routines:win32_load:could not load the shared library
00000000  4100: 2 - error:25070067:DSO support routines:DSO_load:could not load the shared library
00000000  4100: 3 - error:260B6084:engine routines:dynamic_load:dso not found
00000000  4100: 4 - error:2606A074:engine routines:ENGINE_by_id:no such engine

ERR: Failed to initialise TLS, will not create StreamServer listen socket

The certificate files used definitely do exist in the location specified.

Has anyone ran into this problem before? Is there an additional step required after installation regarding SSL libraries or settings?

Kind regards,

Leon Haverkotte | Network engineer | University of Twente | Library, ICT Services & Archive (LISA) / ITO | Campus building Spiegel, room 226 | T: +31 (0)53 - 489 3016 | l.m.c.haverkotte at utwente.nl<mailto:l.m.c.haverkotte at utwente.nl> | www.utwente.nl/lisa<http://www.utwente.nl/lisa>




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.open.com.au/pipermail/radiator/attachments/20191017/a46e8c6a/attachment.html>

More information about the radiator mailing list