rlm_ldap (ldap): Could not start TLS: Connect error

Arran Cudbard-Bell a.cudbardb at freeradius.org
Thu Nov 28 15:26:43 CET 2013

On 28 Nov 2013, at 14:03, Arran Cudbard-Bell <a.cudbardb at freeradius.org> wrote:

> On 28 Nov 2013, at 10:34, Hachmer, Tobias <Tobias.Hachmer at stadt-frankfurt.de> wrote:
>> Hello list,
>> in my further tests with FreeRADIUS v3 (rpmbuild from v3.0.x branch) I have a problem with the ldap module and start_tls.
>> This is definitely working:
>> -          Ldap connect with ldap utils (ldapsearch -ZZ and so on) via port 389 with starttls
>> -          Ldap connect with FreeRADIUS 2.1.12 via port 389 (start_tls = yes and require_cert = "demand")
>> This is not working:
>> -          FR 3 ldap module isn’t able to connect to ldap server via port 389 + start_tls=yes
>> -          FR debug error:
> Have you tried setting require_cert = "demand"? We don't set it explicitly anymore.

Ah, missed your comment in the config.

There's nothing obvious. Could you open an issue in GitHub, and i'll take a look when I have more time.

Packet trace might also be useful.


Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

More information about the Freeradius-Users mailing list