LDAPS problem while migrating from 2 to 3

Nathan Ward lists+freeradius at daork.net
Fri Jun 30 07:47:58 CEST 2017

> On 30/06/2017, at 4:42 PM, Olivier <Olivier.Nicole at cs.ait.ac.th> wrote:
> TLS certificate verification: depth: 1, err: 20, subject: /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3, issuer: /O=Digital Signature Trust Co./CN=DST Root CA X3
> TLS certificate verification: Error, unable to get local issuer certificate
> TLS trace: SSL3 alert write:fatal:unknown CA
> TLS trace: SSL_connect:error in error
> TLS trace: SSL_connect:error in error
> TLS: can't connect: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (unable to get local issuer certificate).

In freeradius LDAP config, set ca_file or ca_path appropriately.

Nathan Ward

More information about the Freeradius-Users mailing list