I am wondering: I had a statement "checking for SSL_new in -lssl ... no" when I ran "configure". Will it cause radiusd to fail to connect to my secure LDAP server?

Thanks,
ming

-----Original Message-----
From: Kostas Kalevras [mailto:[EMAIL PROTECTED]
Sent: Thu 9/16/2004 5:19 PM
To: [EMAIL PROTECTED]
Cc: Hou, Ming
Subject: Re: LDAP SSL won't bind??

On Thu, 16 Sep 2004, Hou, Ming wrote:

> Hi,
>
> Does anyone have any problem with FreeRadius 1.0.0 communicating with a
> secure ldap server on Solaris 8?
>
> These are my components:
> FreeRadius 1.0.0
> Openldap 2.2.15
> OpenSSL 0.97d
> Gcc 3.3.2
>
> This is my ldap configuration:
>
> ldap ldapssl {
>     server = "ldapx.njit.edu"
>     port = 636
>     tls_cacertfile = /usr/local/radius/cert/xxx.perm
>     ...
>     Start_tls = no
>     ...
> }
>
> This is my runtime log file:
> ...
> rlm_ldap: ldap_get_conn: Checking Id: 0
> rlm_ldap: ldap_get_conn: Got Id: 0
> rlm_ldap: attempting LDAP reconnection
> rlm_ldap: (re)connect to ldapx.njit.edu:636, authentication 0
> rlm_ldap: setting TLS mode to 1
> rlm_ldap: setting TLS CACert File to /usr/local/radius/cer/xxx.perm
> rlm_ldap: bind as / to ldapx.njit.edu:636
> rlm_ldap: bind to ldapx.njit.edu:636 failed: Can't contact LDAP server
> ...
>
> However, I tested FreeRadius 1.0.0 on my RedHat Linux 9 with RedHat
> default installed OpenLDAP and OpenSSL, and it could talk with my backend
> ldap server on port 636. At this point, I am very sure that my secure
> LDAP server is okay.
>
> Any idea how to fix my issue?

Check your ldap server logs. Are there any ACLs in the way? Running tcpdump would probably also be a good idea.

>
> Thank you.
> ming
>

--
Kostas Kalevras                 Network Operations Center
[EMAIL PROTECTED]               National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf