FreeRadius authentication failed with a TLS connection problem.

  • 3152481
  • 31-Oct-2007
  • 27-Apr-2012

Environment

Novell SUSE Linux Enterprise Server 10
Novell SUSE Linux Enterprise Server 9
Novell SUSE Linux Enterprise Server 11
FreeRADIUS
eDirectory

Situation

The Radius daemon was loaded with the -X option to run the radius server in debug mode and authentication failed.
It was not clear from the debug output for what reason it failed.
If you include in the radiusd.conf file in the LDAP section the following entry you will get LDAP debug output:
ldap_debug =0xFFFF
This output showed that the server name in the DN attribute of the eDirectory LDAP server certificate was not matching with the hostname of the LDAP server
causing the TLS connection to fail.

Resolution

For troubleshooting FreeRadius LDAP or TLS connection issues include this entry in the radiusd.conf file.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.