Use port 636 to your ldaps server, and let the radius server do the
work. The hardest part is generating the certificate trust.
Sample radiusd.conf for ldaps to Win2K AD:
server = "127.0.0.1"
port = 636
identity = "cn=ldapuser,cn=users,dc=domain,dc=com"
password = yourpass
basedn = "dc=domain,dc=com"
filter =
"(&(samaccountname=%{Stripped-User-Name:-%{User-Name}}))"
start_tls = no
tls_cacertfile =
/usr/local/ssl/certs/sslcertificate.pem
tls_cacertdir = /usr/local/ssl/certs/
If you can get ldapsearch to work, radiusd is a breeze.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Anderson Alves de Albuquerque
Sent: Monday, January 10, 2005 9:18 AM
To: [email protected]
Subject: Radius with SSL
I need one manual about Radius + SSL.
I have RADIUS making authentication in LDAP Server, but I need to pass
the authentication with SSL.
How can I make ?
How cak I help me ? Please...
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
