Hi guys, I am trying to establish a secure connection between freeradius and a Novell eDirectory LDAP server. After configuring LDAP in radiusd.conf it seemed to work, almost:
rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: attempting LDAP reconnection rlm_ldap: (re)connect to 192.168.1.5:636, authentication 0 rlm_ldap: setting TLS mode to 1 rlm_ldap: setting TLS CACert File to /usr/local/etc/raddb/ldap_ca_cert.pem rlm_ldap: setting TLS Require Cert to demand rlm_ldap: starting TLS rlm_ldap: ldap_start_tls_s() rlm_ldap: could not start TLS Operations error rlm_ldap: (re)connection attempt failed Because I don't know how to get logs from the eDirectory side, I recorded the traffic between both hosts and saw that the TLS handshake had been done, both mashines had exchanged cipher key and begun to send data. After 3 or 4 packets the LDAP server sent a "encrypted alert" and disconnected. Since these data are encrypted I could not see what happened indeed. My question: is it possible to get more debug info from the freeradius side? If yes, how? Thanks, Rickan
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
