I am wondering that I had a statement "checking for SSL_new in -lssl ... no" when I
ran "configure", will it cause Radiusd fails to connect to my secure LDAP server?
Thanks,
ming
-----Original Message-----
From: Kostas Kalevras [mailto:[EMAIL PROTECTED]
Sent: Thu 9/16/2004 5:19 PM
To: [EMAIL PROTECTED]
Cc: Hou, Ming
Subject: Re: LDAP SSL won't bind??
On Thu, 16 Sep 2004, Hou, Ming wrote:
> Hi,
>
> Does anyone have any problem for FreeRadius 1.0.0 to communicate a
> secure ldap server on Solaris 8?
>
> There are my components:
> FreeRadius 1.0.0
> Openldap 2.2.15
> OpenSSL 0.97d
> Gcc 3.3.2
>
> There is my ldap configuration:
>
> ldap ldapssl {
> server = "ldapx.njit.edu"
> port = 636
> tls_cacertfile = /usr/local/radius/cert/xxx.perm
> ...
> Start_tls = no
> ...
> }
>
> There is my runtime log file:
> ...
> rlm_ldap: ldap_get_conn: Checking Id: 0
> rlm_ldap: ldap_get_conn: Got Id: 0
> rlm_ldap: attempting LDAP reconnection
> rlm_ldap: (re)connect to ldapx.njit.edu:636, authentication 0
> rlm_ldap: setting TLS mode to 1
> rlm_ldap: setting TLS CACert File to /usr/local/radius/cer/xxx.perm
> rlm_ldap: bind as / to ldapx.njit.edu:636
> rlm_ldap: bind to ldapx.njit.edu:636 failed: Can't contact LDAP server
> ...
>
> However, I tested FreeRadius 1.0.0 on my RedHat Linux 9 with RedHat
> default installed OpenLDAP and OpenSSL, it could talk with my backend
> ldap server with port 636. At this point, I am very sure that my secure
> LDAP server is okay.
>
> Any idea to fix my issue?
Check your ldap server logs. Are there any ACLs in the way? Running tcpdump
would probably also be a good idea.
>
> Thank you.
> ming
>
>
>
>
--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED] National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf
