<div>Thanks for your teaching!</div>
<div>I understand more and more about the keying.</div>
<div>&nbsp;</div>
<div>I follow your guide last mail,</div>
<div>combine server.pem and server.key to server-combined.pem,</div>
<div>and then put it into /usr/local/etc/raddb/certs/.</div>
<div>ca.pem also place to right side.</div>
<div>&nbsp;</div>
<div>What I set in eap.conf is:</div>
<div>tls {</div>
<div>&nbsp;&nbsp;&nbsp; private_key_password = whatever</div>
<div>&nbsp;&nbsp;&nbsp; private_key_file = ${raddbdir}/certs/server-combined.pem</div>
<div>&nbsp;&nbsp;&nbsp; certificate_file = ${raddbdir}/certs/server-combined.pem</div>
<div>&nbsp;&nbsp;&nbsp; CA_file = ${raddbdir}/certs/demoCA/ca.pem</div>
<div>&nbsp;&nbsp;&nbsp; dh_file = ${raddbdir}/certs/dh</div>
<div>&nbsp;&nbsp;&nbsp; random_file = /dev/urandom</div>
<div>&nbsp;&nbsp;&nbsp; fragment_size = 1024</div>
<div>}</div>
<div>&nbsp;</div>
<div>After setup, I start radius by &quot;radiusd -f -X&quot;</div>
<div>but it can not work normally.</div>
<div>The screen shows:</div>
<div>&nbsp;</div>
<div>(above is eliminated)</div>
<div>Module: Loaded eap<br>&nbsp;eap: default_eap_type = &quot;ttls&quot;<br>&nbsp;eap: timer_expire = 60<br>&nbsp;eap: ignore_unknown_eap_types = no<br>&nbsp;eap: cisco_accounting_username_bug = no<br>rlm_eap: Loaded and initialized type md5
<br>rlm_eap: Loaded and initialized type leap<br>&nbsp;gtc: challenge = &quot;Password: &quot;<br>&nbsp;gtc: auth_type = &quot;PAP&quot;<br>rlm_eap: Loaded and initialized type gtc<br>&nbsp;tls: rsa_key_exchange = no<br>&nbsp;tls: dh_key_exchange = yes
<br>&nbsp;tls: rsa_key_length = 512<br>&nbsp;tls: dh_key_length = 512<br>&nbsp;tls: verify_depth = 0<br>&nbsp;tls: CA_path = &quot;(null)&quot;<br>&nbsp;tls: pem_file_type = yes<br>&nbsp;tls: private_key_file = &quot;/usr/local/etc/raddb/certs/server-
combined.pem&quot;<br>&nbsp;tls: certificate_file = &quot;(null)&quot;<br>&nbsp;tls: CA_file = &quot;/usr/local/etc/raddb/certs/demoCA/ca.pem&quot;<br>&nbsp;tls: private_key_password = &quot;whatever&quot;<br>&nbsp;tls: dh_file = &quot;/usr/local/etc/raddb/certs/dh&quot;
<br>&nbsp;tls: random_file = &quot;/dev/urandom&quot;<br>&nbsp;tls: fragment_size = 1024<br>&nbsp;tls: include_length = yes<br>&nbsp;tls: check_crl = no<br>&nbsp;tls: check_cert_cn = &quot;(null)&quot;<br>&nbsp;tls: cipher_list = &quot;(null)&quot;<br>
&nbsp;tls: check_cert_issuer = &quot;(null)&quot;<br>rlm_eap_tls: Loading the certificate file as a chain<br>rlm_eap: SSL error error:0200100E:system library:fopen:Bad address<br>rlm_eap_tls: Error reading certificate file<br>
rlm_eap: Failed to initialize type tls<br>radiusd.conf[10]: eap: Module instantiation failed.<br>radiusd.conf[1960] Unknown module &quot;eap&quot;.<br>radiusd.conf[1907] Failed to parse authenticate section.</div>
<div>&nbsp;</div>
<div>If I change&nbsp;the private_key_file and certificate_file back to original file &quot;cert-srv.pem&quot;,</div>
<div>it can work normally.</div>
<div>For this reason, </div>
<div>is there something I have to replace but not yet?</div>
<div>Or something I set is mismatch?</div>
<div>&nbsp;</div>
<div>&nbsp;</div>