On Wed, 18 Jun 2003, Owen DeLong wrote:
> I don't know how to get TLS to work, but you should be able to do
> SSL by specifying that the LDAP port to use is 669 (LDAPs) in
> your radius.conf. I'm, however, having a similar problem in that
> I am unable to get it to work because of a complaint about a self-signed
> certificate. If you have any ideas on how to rectify that one, I'd
> appreciate it. I've posted my question to the list twice and have
> received zero response.
>
> Owen
Try the attached patch. I haven't tested it though.
--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED] National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf
Index: rlm_ldap.c
===================================================================
RCS file: /source/radiusd/src/modules/rlm_ldap/rlm_ldap.c,v
retrieving revision 1.106
diff -u -r1.106 rlm_ldap.c
--- rlm_ldap.c 19 May 2003 07:50:47 -0000 1.106
+++ rlm_ldap.c 20 Jun 2003 09:58:59 -0000
@@ -1450,6 +1450,8 @@
radlog(L_ERR, "rlm_ldap: could not set LDAP_OPT_X_TLS option
%s", ldap_err2string(ldap_errno));
}
}
+ if (ldap_int_tls_config(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, "allow") !=
LDAP_OPT_SUCCESS)
+ radlog(L_ERR, "rlm_ldap: Could not set LDAP_OPT_X_TLS_REQUIRE_CERT");
if (inst->start_tls) {
DEBUG("rlm_ldap: starting TLS");
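Review bot: The added ldap_int_tls_config(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, "allow") call is unconditional and uses a NULL handle, so it relaxes server certificate checking as a process-wide default for every rlm_ldap instance, not only for the server with the self-signed certificate. It also sits after the closing braces of the preceding TLS option block, so it runs whether or not TLS is configured. Suggest making this a per-instance configuration item that defaults to strict verification and applying it only when inst->start_tls or the LDAPS mode is set; for a self-signed server, trusting that certificate as a CA on the client keeps verification on. Separately, the ldap_int_ prefix marks a libldap internal function; the public ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &value) with an integer value is the safer call, and the radlog message should include ldap_err2string output as the surrounding error path does.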