set up tls configuration

Alan DeKok aland at
Tue Nov 14 11:22:55 UTC 2023

On Nov 14, 2023, at 5:27 AM, Andrei Katsuk <steep8 at> wrote:
> Hi,
> I want to  set
> ca_file in the tls config section to env variable as follows:
> tls {
>    ca_file = $ENV{LDAP_CERT}
> }
> and skip it if  $ENV{LDAP_CERT} is empty.

  Unfortunately that's not possible right now.

> If it is empty FreeRADIUS shows next error:
> ===========
> Unable to check file "": No such file or directory
> /etc/raddb/mods-enabled/ldap[488]: Failed parsing configuration item "ca_file"
> ================
> How can I skip it in this case?

a)  Submit a patch to skip ca_file if it's empty.

b) use a templating tool to create the configuration file from templates

  The server is flexible, but not infinitely flexible.

  Alan DeKok.

More information about the Freeradius-Users mailing list