ldap tls in freeradius
Phil Mayers
p.mayers at imperial.ac.uk
Sun Nov 6 23:48:20 CET 2011
On 11/06/2011 11:37 AM, Frank Skovboel wrote:
> The directory that I pointed to were the one that bootstrap
> automatically created. Do I need to create new certificates for the
> ldap lookup (if so is there a guide some where)?
As others have pointed out, that's wrong.
The bootstrap certs are a fake CA & server cert, which you can use to
test EAP.
If you want to use LDAPS as a *client*, you need to obtain the CA cert
which signs the LDAP server cert, and reference (probably only) that in
the ldap "tls {}" block
More information about the Freeradius-Users
mailing list