Radsec config query
Alex Sharaz
alex.sharaz at york.ac.uk
Fri Jul 21 12:34:32 CEST 2017
Been playing with RADSEC (FR3.0.15) and, having got stuff working, thought I'd
tidy up my config files, so ...
sites-enabled/tls has the following structure:

listen {
    ...
    clients = radsec
    limit {
        ...
    }
    tls {
        <my radsec tls config>
    }
} //end of listen
clients radsec {
    ....
}
home_server tls ....
home_server_pool ...
realm .....

Having sorted out the tls {..} section, I added a

tls {
    $include our_tls/
}

to my radiusd.conf file
and copied the contents of my original tls section into
/usr/local/etc/freeradius/our_tls/prodn2 as shown below:

prodn2 {
    <all tls config setting from original sites-enabled/tls file tls section>
}

In sites-enabled/tls I then replaced

tls {
    ..
}

with tls = ${tls.prodn2}

FR fails to start up with error

Fri Jul 21 10:19:24 2017 : Error: /usr/local/etc/freeradius/sites-enabled/tls[87]: Client does not have the same TLS configuration as the listener
Fri Jul 21 10:19:24 2017 : Error: /usr/local/etc/freeradius/sites-enabled/tls[7]: Failed to load clients for this listen section

but all I've done is move the tls{..} contents into radiusd.conf tls
{prodn2 {...}} and added a tls=${tls.prodn2} statement.