Paulo Cabrita [EMAIL PROTECTED] wrote:
I saw the code a little closer and I think it's not worth trying to
have one CA and two certificates for each server. The LDAP client only
supports the data for one connection...
static char *tls_opt_certfile = NULL;
Yes, that's exactly what I said.
Thanks Alan.
Nevertheless I will try the solution of one CA for the two servers, if
it's the same, it will probably work
I will post the result later.
Cheers.
Alan DeKok wrote:
Paulo Cabrita [EMAIL PROTECTED] wrote:
...
See:
Hi Alan,
I saw the code a little closer and I think it's not worth trying to
have one CA and two certificates for each server. The LDAP client only
supports the data for one connection...
static char *tls_opt_certfile = NULL;
static char *tls_opt_keyfile = NULL;
static char *tls_opt_dhfile =
Hi Alan.
I did a little more debugging on this matter and I discovered that the
error is that FR doesn't like the CA:
TLS trace: SSL_connect:before/connect initialization
TLS trace: SSL_connect:SSLv2/v3 write client hello A
TLS trace: SSL_connect:SSLv3 read server hello A
TLS certificate
Paulo Cabrita [EMAIL PROTECTED] wrote:
...
See:
http://www.openldap.org/devel/cvsweb.cgi/~checkout~/libraries/libldap/tls.c?rev=1.133&hideattic=1&sortbydate=0
...
static char *tls_opt_cacertfile = NULL;
...
Yup. It's a bug in the OpenLDAP client library. They don't support
multiple users
Hi!
I have freeradius 1.1.0 working and I want to have a redundant/load
balancing mechanism but when I use TLS to secure the communication with
the ldaps, FR only works with one server (eg: ldapmaster). The log says
that it cannot contact the other server (eg: ldapslave). But if I use
one
Paulo Cabrita [EMAIL PROTECTED] wrote:
I have freeradius 1.1.0 working and I want to have a redundant/load
balancing mechanism but when I use TLS to secure the communication with
the ldaps, FR only works with one server (eg: ldapmaster). The log says
that it cannot contact the other server