FreeRADIUS PostgreSQL sslrootcert only
Nick Porter
nick at portercomputing.co.uk
Fri Mar 27 17:07:22 UTC 2026
On 27/03/2026 11:42, Sam Hutchings wrote:
> My query is whether there is a solution to allow FreeRADIUS to ignore
> the sslcert/sslkey being missing from the connection string to enable
> this to function similarly to the above or whether this is a
> limitation of the Azure service that I am using and I should query
> with Microsoft Support.
The "radius_db" string is passed to the PostgreSQL client library
function PQconnectdb - FreeRADIUS doesn't attempt to interpret it at all.
Looking at the PostgreSQL client library documentation
https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING
there is an option sslcertmode which determines the client certificate
behaviour.
Setting that to "disable" will make the connection without attempting to
load a client certificate.
Nick
--
Nick Porter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 665 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20260327/af5e5361/attachment.sig>
More information about the Freeradius-Users
mailing list