Using LDAPS with Freeradius

Byron Jeffery byronjeffery at
Tue Jan 21 06:24:27 CET 2020

Hi Everyone

I am attempting to setup LDAPS on our Freeradius server on Ubuntu that is
querying an Active Directory server for users group memberships, and
hoping for a few guidelines on the correct setup procedure.

So far I have exported the self signed PEM SSL cert form the AD server and
imported it into /etc/freeradius/certs.
In /etc/freeradius/mods-enabled/ldap, I also specified the Port = 636 and
under the TLS section, pointed the ca_file = ${certdir}/ to the
certificate, enabled ca_path = ${certdir} and set require_cert    = 'allow'.

The radius authentication's are working but would like to confirm if this
is the best way to go about enabling LDAPS.

   - Kind Regards

   - Byron Jeffery
   - Assisting ICT Manager

More information about the Freeradius-Users mailing list