Hi Heikki,
Thanks for the config and the logs. I think we can get this fixed
easily. Your Radiator config has 'DupInterval 0' in the <Client ...>
clause. For this reason Access-Request with id 7 is not detected as a
duplicate by Radiator and it's written to OpenSSL, which then correctly
does not like it.
The default DupInterval is 10 (seconds). The configuration samples used
to have 0 for testing purposes, but this is no longer needed and the
default is fine for the most cases.
Even with the default DupInterval there still can be a problem that the
TLS handshake is done before LDAP is attempted. When LDAP access is
attempted IGNORE is returned but before that TLS handhsake can be done.
Please let us know if the default DupInterval helps.
Yes, DupInterval resolved this problem.
I was running with this setting very long time. Ops.. thanks for help :)
--
-----------------------
Jan Tomasek aka Semik
http://www.tomasek.cz/
_______________________________________________
radiator mailing list
[email protected]
https://lists.open.com.au/mailman/listinfo/radiator
