Ok, sounds good.
I run Netware v 5.70.33 and that seems to have edirectory version 8.7.3.x
I got a tab on novell with Ldap-connection.
"Transport Layer Security (TLS / SSL)"
Server Certificate: "SSL CertificateDNS"
Client Certificate: **Not Requested** / Requested / Required
Trusted Root Containers: TRUSTrootOU.Security
( ) Require TLS for all operations (not checked)
( ) Enable and require mutual authentication (not checked)
Ports
(x) Enable Encrypted Port
Port: 636
(x) Enable Non-Encrypted Port
Port: 389
If thats some kind of help!?
/Mr G
From: "Jorgen Rosink" <[EMAIL PROTECTED]>
Reply-To: FreeRadius users mailing list
<freeradius-users@lists.freeradius.org>
To: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org>
Subject: Re: TLS cant connect ldap+freeradius+novell
Date: Mon, 23 Jul 2007 11:47:45 +0200
On 7/23/07, Martin G <[EMAIL PROTECTED]> wrote:
> I connected to the novell-server and inspected what ports the ldap used
and
> its running on unencrypted 389 and encrypted port 636.
>
> My ldapconf now looks like:
> BASE: ou=adm,ou=malmo,o=wifi
> URI ldap://10.10.0.11 ldap://10.10.0.11
> TLS_CACERT /etc/freeradius/certs/WIFITREE_CA.pem
> TLS_REQCERT demand
> ldap_version 3
> port 636
> ssl start_tls
> ssl on
You're trying to use "start_tls", TLS connections are started on the
(unencrypted) port 389 and are "upgraded" to a secure connection on
the same port. So probably you don't have TLS support with your LDAP
server (you need at least eDirectory 8.7 for what I know). Learn your
LDAP server to talk TLS (by upgrading it), or initiate connections on
the SSL port (636) and not the TLS one...
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
_________________________________________________________________
Need a brain boost? Recharge with a stimulating game. Play now!
http://club.live.com/home.aspx?icid=club_hotmailtextlink1
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
