FreeRADIUS PostgreSQL sslrootcert only
Sam Hutchings
samhutchings1415 at gmail.com
Tue Mar 31 08:14:56 UTC 2026
> https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING
> there is an option sslcertmode which determines the client certificate behaviour.
> Setting that to "disable" will make the connection without attempting to load a client certificate.
Thank you Nick, that has disabled mutual TLS and this is now working.
rlm_sql (sql): Attempting to connect to database
"host=psqlfreeradius.postgres.database.azure.com port=5432
dbname=radius user=radius password=raddpass sslmode=verify-full
sslcertmode=disable sslrootcert=/etc/ssl/certs/MSCerts.pem"
rlm_sql (sql): Initialising connection pool
pool {
start = 5
min = 3
max = 32
spare = 10
uses = 0
lifetime = 0
cleanup_interval = 30
idle_timeout = 60
retry_delay = 30
max_retries = 5
spread = no
}
rlm_sql (sql): Opening additional connection (0), 1 of 32 pending slots used
rlm_sql_postgresql: Connecting using parameters:
host=psqlfreeradius.postgres.database.azure.com port=5432
dbname=radius user=radius password=raddpass sslmode=verify-full
sslcertmode=disable sslrootcert=/etc/ssl/certs/MSCerts.pem
application_name='FreeRADIUS 3.2.8 - radiusd (sql)'
Connected to database 'radius' on
'psqlfreeradius.postgres.database.azure.com' server version 180002,
protocol version 3, backend PID 1275
Sam
More information about the Freeradius-Users
mailing list