Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Panel
bgColor#fff

Check the following:

  1. The RADIUS server specified in /etc/radsec.conf is running and can be reached over TLS or UDP (depending on your setting in radsec.conf).
  2. There may be a problem with the APC or the trust router. Please contact JANET your Trust Router network provider (as of March 2015, Jisc or the GÉANT Association).

 

Problem

I can't seem to be able to connect my service to the trust router infrastructure. I get the following error when running the TIDC command:

...

I can't seem to be able to connect my service to the trust router infrastructure. I get the following error when running the TIDC command:

Error returned by gss_init_sec_context:
      major error <1> Invalid credential was supplied
      minor error <1> Authentication rejected by RADIUS server
AuthenticateToServer failed: Authentication rejected by RADIUS server (err = 2109382925)
Error in tidc_open_connection.

Possible Solutions:

Panel
bgColor#fff
Check the following:
  1. There may be a problem with your organisation's Trust Router network credentials: 
    1. If you were part of the Janet Moonshot pilot, your credential will cease to function on March 20, 2015.
    2. After March 25, 2015, contact your Trust Router network provider (as of March 2015, Jisc or the GÉANT Association).
  2. Check with your Trust Router network provider that your organisation's Trust Router credential trust anchors are correct if you see a message similar to the below immediately before the error message:

    Code Block
    CTRL-EVENT-EAP-TLS-CERT-ERROR reason=1 depth=0 subject='...' err='Server certificate mismatch'
    SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA
    OpenSSL: openssl_handshake - SSL_connect error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed


 

Problem

I can't seem to be able to connect my service to the trust router infrastructure. It seems to start but then I get the following error when running the TIDC command:

...

Panel
bgColor#fff
  1. There may be a problem with your credentials. If you were part of the pilot workshop in February 2014, you must apply for new credentials. Credentials issued after May 2014 should be ok. If in doubt, check the credentials.xml file, and convert the 'Issued on' number from UNIX time to human time.organisation's Trust Router network credentials.
  2. Check that the value of your RP realm parameter is correct and the same as the one you specified when you applied for credentials at JANETfrom your Trust Router network provider (as of March 2015, Jisc or the GÉANT Association).
  3. The trust router may be down. This should not be the case, but it occasionally happens. Give it a few minutes and then try again.

    Warning

    If the problem persists, please get in touch with JANETyour Trust Router network provider!

 

Problem

I can't seem to be able to connect my service to the trust router infrastructure. It seems to start but then I get the following error when running the TIDC command:

...

Panel
bgColor#fff
  1. There appears to be a problem either with either your organisation's Trust Router network credentials or with the RP realm that you specified.
  2. Check that you have imported the credentials file as the FreeRADIUS user, you are running the TIDC command as the FreeRADIUS user, and that you have run the unset DISPLAY command before running the TIDC command.
  3. Check that the value of your RP realm is correct and the same as the one you specified when you applied for credentials at JANETfrom your Trust Router network provider (as of March 2015, Jisc or the GÉANT Association).

 

Problem

I can't seem to be able to connect my service to the trust router infrastructure. It seems to start but then I get the following error when running the TIDC command:

...

Panel
bgColor#fff
  1. There appears to be a problem with the RP realm that you specified.
  2. Check that:
    1. the value of your RP realm is the same as the one you specified when you applied for credentials at JANET from your Trust Router network provider (as of March 2015, Jisc or the GÉANT Association).
    2. the value of your RP realm is specified in the second parameter of the TIDC command-line.
    3. you have not specified your ID Provider realm by accident, if it differs from your RP realm.

 

Problem

I can't seem to be able to connect my service to the trust router infrastructure. It seems to start but then I get the following error when running the TIDC command:

...

Panel
bgColor#fff
  1. There appears to be a problem with the ID Provider realm that you specified.
  2. Check that:
    1. the value you specified on the command-line matches the ID Provider realm you specified in the portal or asked Jisc to register for you in the portal.
    2. the ID Provider server name and IP address you specified in the portal or to Adam Bishop your Trust Router network provider (as of March 2015, Jisc or the GÉANT Association) are correct for your IdP server, and that they are accessible from anywhere on ports tcp/2083 and tcp/12309.
    3. you have not specified your RP realm by accident, if it differs from your ID Provider realm.

...