I have modified the tls_certfile to tls_certfile=/usr/local/freeradius/etc/raddb/radius-ssl-ldap/radius.crt
But still no success. The debug info is as follows: (Still TLS error)

rad_recv: Access-Request packet from host 192.168.80.1:1812, id=31, length=135
    NAS-IP-Address = 192.168.80.1
    NAS-Port = 50009
    NAS-Port-Type = Ethernet
    User-Name = "ISP-1\\test"
    Called-Station-Id = "00-0D-ED-11-89-C9"
    Calling-Station-Id = "00-50-BA-7B-BE-8F"
    Service-Type = Framed-User
    Framed-MTU = 1500
    EAP-Message = 0x0200000f014953502d315c68667775
    Message-Authenticator = 0xf418f027e10d9fff416739014a16f27f
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
radius_xlat: '/usr/local/freeradius/var/log/radius/radacct/192.168.80.1/auth-detail-20041118'
rlm_detail: /usr/local/freeradius/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/freeradius/var/log/radius/radacct/192.168.80.1/auth-detail-20041118
modcall[authorize]: module "auth_log" returns ok for request 1
modcall[authorize]: module "mschap" returns noop for request 1
rlm_realm: Looking up realm "ISP-1" for User-Name = "ISP-1\test"
rlm_realm: Found realm "isp-1"
rlm_realm: Adding Stripped-User-Name = "test"
rlm_realm: Proxying request from user test to realm isp-1
rlm_realm: Adding Realm = "isp-1"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "isp-1" returns noop for request 1
rlm_realm: Request already proxied. Ignoring.
modcall[authorize]: module "isp-2" returns noop for request 1
rlm_eap: EAP packet type response id 0 length 15
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 1
users: Matched DEFAULT at 159
users: Matched DEFAULT at 178
modcall[authorize]: module "files" returns ok for request 1
rlm_ldap: - authorize
rlm_ldap: performing user authorization for test
radius_xlat: '(uid=test)'
radius_xlat: 'dc=mydc'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to x.x.x.x:389, authentication 0
ldap_create
rlm_ldap: setting TLS mode to 1
rlm_ldap: setting TLS CACert File to /usr/local/freeradius/etc/raddb/radius-ssl-ldap/cacert.pem
rlm_ldap: setting TLS Require Cert to never
rlm_ldap: setting TLS Cert File to usr/local/freeradius/etc/raddb/radius-ssl-ldap/radiusservercert.pem
rlm_ldap: setting TLS Key File to /usr/local/freeradius/etc/raddb/radius-ssl-ldap/radiusservercertkey.pem
rlm_ldap: setting TLS Key File to /dev/urandom
rlm_ldap: starting TLS
ldap_extended_operation_s
ldap_extended_operation
ldap_send_initial_request
ldap_new_connection
ldap_int_open_connection
ldap_connect_to_host: TCP 202.119.24.37:389
ldap_new_socket: 9
ldap_prepare_socket: 9
ldap_connect_to_host: Trying 202.119.24.37:389
ldap_connect_timeout: fd: 9 tm: 1 async: 0
ldap_ndelay_on: 9
ldap_is_sock_ready: 9
ldap_ndelay_off: 9
ldap_int_sasl_open: host=hostexample.com
TLS: could not use certificate `usr/local/freeradius/etc/raddb/radius-ssl-ldap/radiusservercert.pem'.
TLS: error:02001002:system library:fopen:No such file or directory bss_file.c:276
TLS: error:20074002:BIO routines:FILE_CTRL:system lib bss_file.c:278
TLS: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib ssl_rsa.c:515
rlm_ldap: ldap_start_tls_s()
ldap_err2string
rlm_ldap: could not start TLS Can't contact LDAP server
rlm_ldap: (re)connection attempt failed
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns fail for request 1
modcall: group authorize returns fail for request 1
Finished request 1

[EMAIL PROTECTED] 2004-11-18
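An added example, not part of the original post and not FreeRADIUS code: a small Python check that reads the `rlm_ldap: setting TLS ...` lines from debug output like the above and flags certificate or key settings given as relative paths or pointing at missing files, and a Require Cert value under which the LDAP server certificate is not verified. The function name `audit_tls_settings` and its `exists` parameter are assumptions made for illustration.

```python
import os
import re

# rlm_ldap debug lines copied from the post above.
SAMPLE = """\
rlm_ldap: setting TLS mode to 1
rlm_ldap: setting TLS CACert File to /usr/local/freeradius/etc/raddb/radius-ssl-ldap/cacert.pem
rlm_ldap: setting TLS Require Cert to never
rlm_ldap: setting TLS Cert File to usr/local/freeradius/etc/raddb/radius-ssl-ldap/radiusservercert.pem
rlm_ldap: setting TLS Key File to /usr/local/freeradius/etc/raddb/radius-ssl-ldap/radiusservercertkey.pem
"""

SETTING = re.compile(r"^rlm_ldap: setting TLS (.+?) to (\S+)\s*$")
# With these values the session continues without a verified server certificate.
WEAK_REQCERT = {"never", "allow"}


def audit_tls_settings(log_text, exists=os.path.exists):
    """Return (setting, value, finding) tuples for risky rlm_ldap TLS settings.

    `exists` is injectable (hypothetical parameter) so the log can be audited
    on a machine other than the RADIUS server.
    """
    findings = []
    for line in log_text.splitlines():
        m = SETTING.match(line.strip())
        if not m:
            continue
        name, value = m.groups()
        if name.endswith("File"):
            if not value.startswith("/"):
                # A relative path is resolved against the daemon's working directory.
                findings.append((name, value, "relative path"))
            elif not exists(value):
                findings.append((name, value, "file not found"))
        elif name == "Require Cert" and value.lower() in WEAK_REQCERT:
            findings.append((name, value, "LDAP server certificate is not verified"))
    return findings


if __name__ == "__main__":
    for name, value, finding in audit_tls_settings(SAMPLE):
        print(f"TLS {name} = {value}: {finding}")
```

Run on the RADIUS host itself, the default `exists` check also reports absolute paths that the server process would fail to open because the file is absent.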