I have a LDAP server performing authentication on FR clients where EAP-TLS is being used as the mechanism, but the LDAP module is not using TLS. Is there a way to use the client certificate common-name as the UID in the LDAP authentication. I'm thinking that I just need to modify the filter statement, but I'm unsure how the statement should be structured? I hope I'm making sense? Lester Houston 111 Boeing Research & Technology Electronics Prototyping and Integration Center (EPIC) lester.l.houston-iii@boeing.com 314-234-0621
Houston-III, Lester L wrote:
I have a LDAP server performing authentication on FR clients where EAP-TLS is being used as the mechanism, but the LDAP module is not using TLS.
That's how TLS works.
Is there a way to use the client certificate common-name as the UID in the LDAP authentication.
Not really. There are a few issues here. TLS *does* authentication. So saying you want LDAP authentication for TLS makes no sense. There's no password, so you can't "authenticate" anyone via LDAP. What do you really want to do? Talk about problems, not solutions. Alan DeKok.
participants (2)
-
Alan DeKok -
Houston-III, Lester L