回复: Re: freeRADIUS + Openldap with TLS
Hi,
Yes. eap.conf is part of radiusd.conf.
But I can not find a variable to set key-file-password in rlm_ldap section.
# Lightweight Directory Access Protocol (LDAP)
ldap {
server = "ldap.your.domain"
# identity = "cn=admin,o=My Org,c=UA"
# password = mypass
basedn = "o=My Org,c=UA"
filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
# base_filter = "(objectclass=radiusprofile)"
# set this to 'yes' to use TLS encrypted connections
# to the LDAP database by using the StartTLS extended
# operation.
# The StartTLS operation is supposed to be used with normal
# ldap connections instead of using ldaps (port 689) connections
start_tls = no
# tls_cacertfile = /path/to/cacert.pem
# tls_cacertdir = /path/to/ca/dir/
# tls_certfile = /path/to/radius.crt
# tls_keyfile = /path/to/radius.key
# tls_randfile = /path/to/rnd
# tls_require_cert = "demand"
# default_profile = "cn=radprofile,ou=dialup,o=My Org,c=UA"
# profile_attribute = "radiusProfileDn"
access_attr = "dialupAccess"
tnt@kalik.co.yu 写道:
You already have. eap.conf is a part of radiusd.conf.
Ivan Kalik
Kalik Informatika ISP
Dana 29/10/2007, "Hangjun He" pi?:
>Hi,
>
> I use freeradius 1.1.6 and Openldap 2.3.32. And
now It can authenticate success( freeRADIUS + Openldap with TLS TLS encrypt.)
>
> My question is how to set private-key password in radiusd.conf? Is there a related variable to set, just like "private_key_password" in eap.conf .
>
> Thanks.
> John
>
>
>---------------------------------
>雅虎邮箱,终生伙伴!
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
雅虎邮箱,终生伙伴!
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.