
Re: TLS / SSL



On Wed, 2 Jul 2003, Pierre Burri wrote:

> Just a confirmation of what Kent says. I have also tried to put the client 
> certificate declaration in ldap.conf and got TLS errors. After putting them in 
> /home/username/.ldaprc, everything worked fine.
> 
> Another thing about SSL/TLS. I don't know this client freeradius either. 
> The client "gq", which is excellent, doesn't work with SSL but works very well 
> with TLS. Are you sure freeradius works with SSL? Did you try with TLS (Port 
> 389 + some TLS switch)?

freeRADIUS 0.8.1 plus TLS works fine here in a test implementation with
OpenLDAP 2.1.17 running under RedHat Linux 7.2.

The 'ldap' clause in our /etc/raddb/radiusd.conf contains:

    ldap {
        server = "test_ldap.owu.edu"
        basedn = "ou=TestAccounts,dc=owu,dc=edu"
        filter = "(&(uid=%{Stripped-User-Name:-%{User-Name}})(|(owueduaccountprimaryaffiliation=faculty)(owueduaccountprimaryaffiliation=admin)(owueduaccountprimaryaffiliation=retired)(owueduaccountprimaryaffiliation=vip)))"
        start_tls = yes
        tls_mode = no
        timeout = 4
        timelimit = 3
        net_timeout = 1
    }

-- 
Kirk Turner-Rustin
Programmer/Analyst
Ohio Wesleyan University
http://www.owu.edu
ktrustin@owu.edu
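
Added example (not part of the original message and not FreeRADIUS code): a small audit script that reads an 'ldap' clause like the one above and reports whether the connection would use StartTLS, LDAPS or no encryption. It assumes start_tls = yes selects StartTLS on port 389 and tls_mode = yes selects LDAPS on port 636; the function names and the shortened sample filter are constructed for illustration.

```python
import re

# Constructed sample: the clause from the message above, filter shortened.
SAMPLE = """
ldap {
    server = "test_ldap.owu.edu"
    basedn = "ou=TestAccounts,dc=owu,dc=edu"
    filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
    start_tls = yes
    tls_mode = no
}
"""

def parse_ldap_clause(text):
    """Return the key/value pairs inside the first ldap { ... } clause."""
    settings, inside = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not inside:
            inside = re.fullmatch(r"ldap\s*\{", line) is not None
            continue
        if line == "}":          # a lone brace closes the clause
            break
        m = re.fullmatch(r"(\w+)\s*=\s*(.*)", line)
        if m:                    # comments and blank lines do not match
            settings[m.group(1)] = m.group(2).strip().strip('"')
    return settings

def transport(settings):
    """Classify the connection security (assumed option semantics)."""
    start_tls = settings.get("start_tls", "no").lower() == "yes"
    tls_mode = settings.get("tls_mode", "no").lower() == "yes"
    if start_tls and tls_mode:
        return "conflict"        # both mechanisms requested at once
    if start_tls:
        return "starttls"        # upgrade on the plain LDAP port (389)
    if tls_mode:
        return "ldaps"           # SSL from the first byte (port 636)
    return "cleartext"           # bind password sent unencrypted

if __name__ == "__main__":
    print(transport(parse_ldap_clause(SAMPLE)))
```

A "cleartext" or "conflict" result is the case to review before the module is pointed at a production directory.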