I wanted to know if anyone has had any problems with running radius and ldap on the same server without using PAM. The reason for this is that down the line there will be two radius/ldap servers for redundancy. But the problem I am seeing is that when radius tries to do a TLS call to ldap using the exact same CA certificate that ldap is using for client authentication, ldap says that it is a bad certificate. The certificate is good; it is a self-signed certificate that has a two-year term. Also, if I run the same radius configuration file on another machine and point to the same ldap server using the same cacert files, everything works fine. I have tried porting the cert files over from the working machine to the ldap server that I want the radius stuff to work on. The machine has iptables turned off, so there are not any rules to deny service on either the ethernet interface or localhost. I am running freeradius 0.9.3. Any good feedback would be appreciated. Thanks!
Jermaine 'Tre' Johnston Sr. Network/Security Engineer x1337

