ldap tls in freeradius

Alan Buxey A.L.M.Buxey at lboro.ac.uk
Sun Nov 6 10:59:43 CET 2011


Hi,

>       tls {
>          start_tls = no
> 
>            cacertfile      = /etc/raddb/certs/ca.pem
>            cacertdir       = /etc/raddb/certs/
>            certfile        = /etc/raddb/certs/server.crt
>            keyfile         = /etc/raddb/certs/server.key
>            randfile        = /etc/raddb/certs/random
>            require_cert   = "never"

are these certs for the LDAP connectin - or are these your main certs
for the client connections - as the directory looks to be the same.
ensure you have seperate config for your RADIUS<->LDAP connection...

is the CRT file PEM readable?  - ie use openssl tool to check your cert

alan



More information about the Freeradius-Users mailing list