Question about the supplied config file for tls

Alex Sharaz alex.sharaz at york.ac.uk
Thu Oct 20 15:02:21 CEST 2016


o.k just pulling latest vsn of 3.1 to start with

On 20 October 2016 at 14:00, Alan DeKok <aland at deployingradius.com> wrote:

> On Oct 20, 2016, at 8:41 AM, Alex Sharaz <alex.sharaz at york.ac.uk> wrote:
> > Got that all working so thought I'd do he same thing for FR 3.1.x as I
> also
> > wanted to play with the tls-cache stuff.
> > Slight problem with porting my renamed tls confgi to V3.1.0
>
>   I'd suggest running 3.0, unless you *need* new features in the v3.1
> branch.
>
> > 1). All the other server configs have "server <name>"  at the start of
> each
> > config ... guess thats a 3.1 thing. but in the source tree every
> > sites-avaialble file has server.... except the tls one.
> >
> > Wrap server eduroam-radsec round  my  tls config file and I now get
> > Thu Oct 20 13:23:46 2016 : Error :
> > /etc/freeradius/sites-enabled/eduroam-radsec[8]: Failed to find clients
> > radsec {...}
> >
> > Take the supplied tls file, wrap server ..... round it .... and get the
> > same error.
> >
> > I've definitely got a section saying
> > clients radsec {
> > ...
> > }
> >
> > in both my file and the tls sample supplied in radii
>
>   It should work... but... it's 3.1, and there's just no guarantee.
>
> > Any changes in format of the tls server  config that didn't get into the
> > supplied config file?
>
>   No idea... I'm working on 4.0 right now.  That involves dropping a lot
> of the server on the floor, and re-building it.  I can still fix bugs in
> 3.0, but 3.1 is a much lower priority.
>
>   If you can track it down and fix it, the patch can go into 3.1.   But I
> don't have time for it.  I can still fix bugs in 3.0, but 3.1 is a much
> lower priority.
>
>   Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
> list/users.html


More information about the Freeradius-Users mailing list