[CentOS] Freeradius, openldap and TLS
Andrew Daviel
advax at triumf.ca
Thu Apr 14 22:39:28 UTC 2016

We have a freeradius server using LDAP authentication against openldap.

We have had freeradius-3.0.4-6 on CentOS 7 successfully communicating
with openldap-servers-2.3.43 on CentOS 5.

We need some features in freeradius-3.0.12. When I build that on CentOS
6, it initially works, but then develops TLS errors.

We can search and authenticate against the LDAP server with Apache, and
with ldapsearch using ldaps:// URLs and with start_tls.

If I ask the freeradius community, I am told unequivocally to use
OpenSSL, not NSS. (Currently, radiusd is finding the server CA
certificate in /etc/raddb/certs/cert8.db but the client certificate in a
PEM file after looking in cert8.db first.)

Is this possible with the standard CentOS builds, and if so, is there a
tutorial or examples anywhere?

If not, has anyone solved this problem?

--
Andrew Daviel, TRIUMF, Canada