I am having this same issue. Did you ever find/get a solution?
On Mar 21, 2007, at 11:23 AM, rickan wrote:
Hi guys,
I am trying to establish a secure connection between freeradius and
a Novell eDirectory LDAP server. After configuring LDAP in
radiusd.conf it seemed to work, almost:
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to 192.168.1.5:636, authentication 0
rlm_ldap: setting TLS mode to 1
rlm_ldap: setting TLS CACert File to /usr/local/etc/raddb/ldap_ca_cert.pem
rlm_ldap: setting TLS Require Cert to demand
rlm_ldap: starting TLS
rlm_ldap: ldap_start_tls_s()
rlm_ldap: could not start TLS Operations error
rlm_ldap: (re)connection attempt failed
Because I don't know how to get logs from the eDirectory side, I
recorded the traffic between both hosts and saw that the TLS
handshake had been done, both machines had exchanged cipher keys and
begun to send data. After 3 or 4 packets the LDAP server sent an
"encrypted alert" and disconnected. Since these data are encrypted
I could not see what happened indeed.
My question: is it possible to get more debug info from the
freeradius side? If yes, how?
Thanks,
Rickan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Brad Lachel
[EMAIL PROTECTED]
Community High School District #155
http://www.d155.org