TLS: hostname does not match CN in peer certificate
Ivan De Masi
it-support at asta.tu-darmstadt.de
Fri Jun 15 14:09:37 CEST 2012
Hello all,
I have installed freeradius 2.1.10 on Debian Squeeze and configured it to
fetch the users on the ldap server.
The access to the ldap server is secured with ssl (not TLS!), so
openldap is listening on port 636.
When I try
# radtest user "mypassword" localhost 1 testing123
I get the following message:
Reply-Message = "TLS: hostname does not match CN in peer certificate"
Complete output:
Sending Access-Request of id 137 to 127.0.0.1 port 1812
    User-Name = "user"
    User-Password = "password"
    NAS-IP-Address = 127.0.1.1
    NAS-Port = 1
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=137, length=73
    Reply-Message = "TLS: hostname does not match CN in peer certificate"
That's correct, because I'm still in a testing phase and the openldap
certificate doesn't match with the openldap hostname. But I need to
fetch the data...
What can I change to get it working? Is the only way to generate new
certificate files?
Thanks!
Regards,
Ivan