rlm_rest / SSL one way and server certificate check

Alan DeKok aland at deployingradius.com
Mon Oct 24 16:31:44 CEST 2016


On Oct 24, 2016, at 10:03 AM, Adam Bishop <Adam.Bishop at jisc.ac.uk> wrote:
> 
> On Mon, 2016-10-24 at 13:53 +0000, Chaigneau, Nicolas wrote:
>> So... is it supposed to work with CURLOPT_ISSUERCERT ?
>> if so what am I doing wrong ?
> 
> Is this RHEL/CentOS? There's a  good chance libcurl is linked against
> NSS, which may be the cause.

  That's likely it.

  Having two SSL libraries linked to the same application causes problems.

  RedHat has seen fit to *partially* port their OS to using NSS.  But many applications still use OpenSSL.

  I'd be happy if RedHat either fixed their OS to work, or submitted patches to FreeRADIUS to allow it to link to NSS.

  But I don't think either thing is going to happen.

  Alan DeKok.





More information about the Freeradius-Users mailing list