Re: LDAP + RADIUS + SSL
Anderson Alves de Albuquerque <anderson@belem.voip.nce.ufrj.br> writes:
> I use my RADIUS to authenticate against an LDAP server, but I have a
> problem that I describe below.
>
> I created the certificates with
> http://www.freeradius.org/radiusd/doc/rlm_ldap. And I put in my
> radiusd.conf the configs below, but I have problems.
[...]
> tls_read: want=5, got=5
> 0000: 15 03 01 00 02 .....
> tls_read: want=2, got=2
> 0000: 02 30 .0
> TLS: can't accept.
> TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
> /usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s3_pkt.c:1052
> ^Cslapd shutdown: waiting for 0 threads to terminate
> slapd stopped.
You did not describe how you created your certificates, but the log
clearly says that the CA is unknown. This is a good document on
creating certificates:
http://www.openldap.org/pub/ksoper/OpenLDAP_TLS_howto.html
-Dieter
--
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:01443B53
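
The two `tls_read` dumps quoted above are a single TLS record, and decoding it by hand confirms the "unknown ca" reading. The following is an added example, not part of the original thread: the function names are hypothetical, the alert codes are taken from RFC 5246, and the input is the log text quoted in the message.

```python
import re
import struct

# Alert codes from RFC 5246 section 7.2 (subset relevant to certificate checks)
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {
    0: "close_notify", 40: "handshake_failure", 42: "bad_certificate",
    45: "certificate_expired", 46: "certificate_unknown", 48: "unknown_ca",
}
VERSIONS = {(3, 0): "SSLv3", (3, 1): "TLSv1.0", (3, 2): "TLSv1.1", (3, 3): "TLSv1.2"}

# The tls_read lines quoted in the message above
SLAPD_LOG = """\
> tls_read: want=5, got=5
> 0000: 15 03 01 00 02 .....
> tls_read: want=2, got=2
> 0000: 02 30 .0
"""

def bytes_from_tls_read(log_text):
    """Rebuild the bytes slapd read; each 'got=N' says how many hex tokens to keep."""
    data, pending = bytearray(), 0
    for raw in log_text.splitlines():
        line = raw.lstrip("> ").strip()
        got = re.match(r"tls_read: want=\d+, got=(\d+)", line)
        dump = re.match(r"[0-9a-f]{4}:\s+(.*)", line)
        if got:
            pending = int(got.group(1))
        elif dump and pending:
            # A dump line holds at most 16 bytes; the rest is the ASCII column
            tokens = dump.group(1).split()[:min(pending, 16)]
            data += bytes(int(t, 16) for t in tokens)
            pending -= len(tokens)
    return bytes(data)

def decode_alert(record):
    """Decode one plaintext TLS alert record: 5-byte header, level, description."""
    if len(record) < 5 or record[0] != 21:
        raise ValueError("not a complete TLS alert record header")
    _, major, minor, length = struct.unpack("!BBBH", record[:5])
    body = record[5:5 + length]
    if length != 2 or len(body) != 2:
        raise ValueError("alert body is encrypted or truncated")
    level, desc = body
    return (VERSIONS.get((major, minor), f"{major}.{minor}"),
            ALERT_LEVELS.get(level, str(level)),
            ALERT_DESCRIPTIONS.get(desc, f"alert {desc}"))

if __name__ == "__main__":
    print(decode_alert(bytes_from_tls_read(SLAPD_LOG)))
```

In OpenSSL's wording, `SSL3_READ_BYTES ... alert unknown ca` reports an alert that slapd received, so it is the connecting LDAP client that does not trust the CA that issued slapd's certificate.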