RADIUS authentication fails with the following error in the radius.log of the identity router log bundle:
ERROR: (0) via: ERROR: Failed to get the handle.
ERROR: (0) via: ERROR: Rest authenticate call failed!
The following message is seen in the identity router's symplified.log after publishing changes in the Cloud Administration Console with the identity router in debug mode:
[ServiceMonitor] DEBUG com.symplified.platform.linux.LinuxCmd - Linux command returned response: LinuxCommandResponse [exitCode=0, output=Importing customer certs to NSS DB..
unable to load private key
140651206968976:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:697:Expecting: ANY PRIVATE KEY
pk12util: PKCS12 decode not verified: SEC_ERROR_BAD_DER: security library: improperly formatted DER-encoded message.
pk12util: PKCS12 decode validate bags failed: SEC_ERROR_INVALID_ARGS: security library: invalid arguments.
, error=null, timeout=false]
There is an incompatibility between the identity router and the encoding of the private key that is uploaded on the: Cloud Administration Console > My Account > Company Settings > Company Information page.
Use an encoding conversion utility to convert the encoding of the private key to ASCII encoding. Upload the converted private key to the Company Information page and then save and publish the changes in the Cloud Administration Console.