Hi Alan, you are right, with all the EXCELLENT forum help we received through users-lists, determined it all executes from a perl, bgmod.pl. That perl calls up a stunnel.conf file which had the LDAP configuration within and it identified the ROOT CA (.pem file) being used for the secure connection to the LDAP server.. We were then able to decipher the .pem file to validate the issuing CA, issuing CA's Root serial number and date. Knew we were using LDAP because every request a defined FW receives from an end user to authenticate through that FW (to the environment behind the firewall) is passed to FreeRadius, which then verifies the end users id/pswd using LDAP to the Corporate Directory. SO, knew it was defined in there someplace but not the expected place. Excellent forum, good answers, right answers, no BS. I Thank You All!!!! -----Original Message----- From: A.L.M.Buxey@lboro.ac.uk [mailto:A.L.M.Buxey@lboro.ac.uk] Sent: Thursday, May 05, 2016 3:15 PM To: WINANT, KEVIN <KW517G@att.com> Cc: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Subject: Re: LDAP CONFIGURATION IN FreeRadius Hi, its quite clear that its not using that config...... so, is it actually using LDAP - check what the config looks like in the virtual servers.... why do you think its using LDAP? ;-) alan