text. there is possible reach EAP-TLS with LDAP??
What I have do ??
any help is welcome
Thank!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
as personal and the last as Trusted Root Certification
Authorities
I wish to use LDAP for authenticate my users but seems that User-Password
must be Clear text. there is possible reach EAP-TLS with LDAP??
What I have do ??
any help is welcome
Thank!
-
List info/subscribe
. there is possible reach EAP-TLS with LDAP??
What I have do ??
any help is welcome
Thank!
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
You have an issue with the cert, the cert the client is sending back is not
recognised by free radius
Riccardo Veraldi wrote:
First I need to extract the CN field (which can be done and I Already
did
You can't *extract* the CN field. You can *compare* the CN field to
another value, as shown in the eap.conf file.
and I can set up
a list of allowed CN in hte users file), and after I need to
Riccardo Veraldi wrote:
Hello,
is it possible in some way to use EAP-TLS X509 authentication together
with LDAP authorization in freeradius2 ?
Yes. You can look the username up in LDAP, and reject the request if
the user doesn't exist.
Actually freeradius2 allows EAP-TLS authentication,
RV but if I wanted to extract the emailAddress or CN field from the
RV X509 certificate and authorize it against my LDAP tree
AdK The limitation isn't the users file.
AdK It's that extracting the fields from the certificate is hard.
I don't understand. rlm_eap's check_cert_cn must be able to
Edgar Fuß wrote:
I don't understand. rlm_eap's check_cert_cn must be able to extract the CN
from the user certificate in order to check it against User-Name (or
whatever).
Yes...
Or at least, with check_cert_cn = %{User-Name}, you can substitute User-Name
for an extracted CN for
For starting it should be enough but what I am not able to do is to set
up the correct sequence.
First I need to extract the CN field (which can be done and I Already
did and I can set up
a list of allowed CN in hte users file), and after I need to do an LDAP
query to check for authorization.
Hello,
is it possible in some way to use EAP-TLS X509 authentication together
with LDAP authorization in freeradius2 ?
Actually freeradius2 allows EAP-TLS authentication, but if I wanted to
extract the emailAddress or CN field
from the X509 certificate and authorize it against my LDAP tree
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hallo,
i use freeradius-snapshot-20040914 eap-tls and ldap alone works
during the use of ldap and eap tls it comes with starts from radiusd -X to
segmentation fault
-
Starting - reading configuration files ...
reread_config: reading
Hi, im runnig freeradius-0.9.3 and openssl-0.9.7d-15.
I use EAP/TLS and it works fine. With this configuration, everybody with an valid certificate can connect. Now it is
necessary, that only people from the OU ou=People, OU=wlan, o=myCompny, c=com can be able to connect to the
Acces-Point. The
On Fri, 23 Jul 2004, Andreas Rieck wrote:
Hi, im runnig freeradius-0.9.3 and openssl-0.9.7d-15.
I use EAP/TLS and it works fine. With this configuration, everybody with an valid
certificate can connect. Now it is
necessary, that only people from the OU ou=People, OU=wlan, o=myCompny, c=com
12 matches
Mail list logo