回复: Re: freeRADIUS + Openldap with TLS

Hangjun He elmerhe at yahoo.com.cn
Tue Oct 30 03:38:35 CET 2007


Hi,
      Yes. eap.conf is part of radiusd.conf.
  But I can not find a variable to set key-file-password in rlm_ldap section.
   
   
   # Lightweight Directory Access Protocol (LDAP)
 ldap {
  server = "ldap.your.domain"
  # identity = "cn=admin,o=My Org,c=UA"
  # password = mypass
  basedn = "o=My Org,c=UA"
  filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
  # base_filter = "(objectclass=radiusprofile)"
    # set this to 'yes' to use TLS encrypted connections
  # to the LDAP database by using the StartTLS extended
  # operation.
  # The StartTLS operation is supposed to be used with normal
  # ldap connections instead of using ldaps (port 689) connections
  start_tls = no
    # tls_cacertfile = /path/to/cacert.pem
  # tls_cacertdir  = /path/to/ca/dir/
  # tls_certfile  = /path/to/radius.crt
  # tls_keyfile  = /path/to/radius.key
  # tls_randfile  = /path/to/rnd
  # tls_require_cert = "demand"
    # default_profile = "cn=radprofile,ou=dialup,o=My Org,c=UA"
  # profile_attribute = "radiusProfileDn"
  access_attr = "dialupAccess"

tnt at kalik.co.yu дµÀ£º
  You already have. eap.conf is a part of radiusd.conf.

Ivan Kalik
Kalik Informatika ISP


Dana 29/10/2007, "Hangjun He" pi¹e:

>Hi,
>
> I use freeradius 1.1.6 and Openldap 2.3.32. And now It can authenticate success( freeRADIUS + Openldap with TLS TLS encrypt.)
>
> My question is how to set private-key password in radiusd.conf? Is there a related variable to set, just like "private_key_password" in eap.conf .
>
> Thanks.
> John
>
>
>---------------------------------
>ÑÅ»¢ÓÊÏ䣬ÖÕÉú»ï°é£¡
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


       
---------------------------------
ÑÅ»¢ÓÊÏ䣬ÖÕÉú»ï°é£¡ 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20071030/3848c66f/attachment.html>


More information about the Freeradius-Users mailing list